All the vulnerabilites related to ImageMagick - ImageMagick
cve-2017-8357
Vulnerability from cvelistv5
Published
2017-04-30 17:00
Modified
2024-08-05 16:34
Severity ?
Summary
In ImageMagick 7.0.5-5, the ReadEPTImage function in ept.c allows attackers to cause a denial of service (memory leak) via a crafted file.
References
http://www.securityfocus.com/bid/98388vdb-entry, x_refsource_BID
https://github.com/ImageMagick/ImageMagick/issues/453x_refsource_CONFIRM
http://www.debian.org/security/2017/dsa-3863vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:34:22.870Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "98388",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98388"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/453"
          },
          {
            "name": "DSA-3863",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3863"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-04-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-5, the ReadEPTImage function in ept.c allows attackers to cause a denial of service (memory leak) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "98388",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98388"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/453"
        },
        {
          "name": "DSA-3863",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3863"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-8357",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-5, the ReadEPTImage function in ept.c allows attackers to cause a denial of service (memory leak) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "98388",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98388"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/453",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/453"
            },
            {
              "name": "DSA-3863",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3863"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-8357",
    "datePublished": "2017-04-30T17:00:00",
    "dateReserved": "2017-04-30T00:00:00",
    "dateUpdated": "2024-08-05T16:34:22.870Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-17887
Vulnerability from cvelistv5
Published
2017-12-24 04:00
Modified
2024-08-05 21:06
Severity ?
Summary
In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function GetImagePixelCache in magick/cache.c, which allows attackers to cause a denial of service via a crafted MNG image file that is processed by ReadOneMNGImage.
References
https://github.com/ImageMagick/ImageMagick/issues/903x_refsource_CONFIRM
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.387Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/903"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function GetImagePixelCache in magick/cache.c, which allows attackers to cause a denial of service via a crafted MNG image file that is processed by ReadOneMNGImage."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/903"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17887",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function GetImagePixelCache in magick/cache.c, which allows attackers to cause a denial of service via a crafted MNG image file that is processed by ReadOneMNGImage."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/903",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/903"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17887",
    "datePublished": "2017-12-24T04:00:00",
    "dateReserved": "2017-12-23T00:00:00",
    "dateUpdated": "2024-08-05T21:06:49.387Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7521
Vulnerability from cvelistv5
Published
2017-04-20 18:00
Modified
2024-08-06 01:57
Severity ?
Summary
Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:57:47.694Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378748"
          },
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537418"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/92"
          },
          {
            "name": "93131",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93131"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/30eec879c8b446b0ea9a3bb0da1a441cc8482bc4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-21T09:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378748"
        },
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537418"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/92"
        },
        {
          "name": "93131",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93131"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/30eec879c8b446b0ea9a3bb0da1a441cc8482bc4"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-7521",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378748",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378748"
            },
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537418",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537418"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/92",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/92"
            },
            {
              "name": "93131",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93131"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/30eec879c8b446b0ea9a3bb0da1a441cc8482bc4",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/30eec879c8b446b0ea9a3bb0da1a441cc8482bc4"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-7521",
    "datePublished": "2017-04-20T18:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T01:57:47.694Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-0760
Vulnerability from cvelistv5
Published
2005-03-26 05:00
Modified
2024-08-07 21:28
Severity ?
Summary
The TIFF decoder in ImageMagick before 6.0 allows remote attackers to cause a denial of service (crash) via a crafted TIFF file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:28:27.633Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1013550",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1013550"
          },
          {
            "name": "SUSE-SA:2005:017",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html"
          },
          {
            "name": "oval:org.mitre.oval:def:11184",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11184"
          },
          {
            "name": "RHSA-2005:070",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2005-070.html"
          },
          {
            "name": "DSA-702",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-702"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-03-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The TIFF decoder in ImageMagick before 6.0 allows remote attackers to cause a denial of service (crash) via a crafted TIFF file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "1013550",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1013550"
        },
        {
          "name": "SUSE-SA:2005:017",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html"
        },
        {
          "name": "oval:org.mitre.oval:def:11184",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11184"
        },
        {
          "name": "RHSA-2005:070",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2005-070.html"
        },
        {
          "name": "DSA-702",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-702"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-0760",
    "datePublished": "2005-03-26T05:00:00",
    "dateReserved": "2005-03-17T00:00:00",
    "dateUpdated": "2024-08-07T21:28:27.633Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-6497
Vulnerability from cvelistv5
Published
2017-03-06 02:00
Modified
2024-08-05 15:33
Severity ?
Summary
An issue was discovered in ImageMagick 6.9.7. A specially crafted psd file could lead to a NULL pointer dereference (thus, a DoS).
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:33:20.187Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "96594",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/96594"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/856882"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/7f2dc7a1afc067d0c89f12c82bcdec0445fb1b94"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-03-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in ImageMagick 6.9.7. A specially crafted psd file could lead to a NULL pointer dereference (thus, a DoS)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-07T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "96594",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/96594"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/856882"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/7f2dc7a1afc067d0c89f12c82bcdec0445fb1b94"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-6497",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in ImageMagick 6.9.7. A specially crafted psd file could lead to a NULL pointer dereference (thus, a DoS)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "96594",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/96594"
            },
            {
              "name": "https://bugs.debian.org/856882",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/856882"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/7f2dc7a1afc067d0c89f12c82bcdec0445fb1b94",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/7f2dc7a1afc067d0c89f12c82bcdec0445fb1b94"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-6497",
    "datePublished": "2017-03-06T02:00:00",
    "dateReserved": "2017-03-05T00:00:00",
    "dateUpdated": "2024-08-05T15:33:20.187Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-13311
Vulnerability from cvelistv5
Published
2019-07-05 00:54
Modified
2024-08-04 23:49
Severity ?
Summary
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:49:24.587Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1623"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/bb812022d0bc12107db215c981cab0b1ccd73d91"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/4a334bbf5584de37c6f5a47c380a531c8c4b140a"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-01T11:06:07",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1623"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/bb812022d0bc12107db215c981cab0b1ccd73d91"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/4a334bbf5584de37c6f5a47c380a531c8c4b140a"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13311",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1623",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1623"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick6/commit/bb812022d0bc12107db215c981cab0b1ccd73d91",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick6/commit/bb812022d0bc12107db215c981cab0b1ccd73d91"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/4a334bbf5584de37c6f5a47c380a531c8c4b140a",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/4a334bbf5584de37c6f5a47c380a531c8c4b140a"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13311",
    "datePublished": "2019-07-05T00:54:05",
    "dateReserved": "2019-07-04T00:00:00",
    "dateUpdated": "2024-08-04T23:49:24.587Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9825
Vulnerability from cvelistv5
Published
2017-03-30 15:00
Modified
2024-08-06 13:55
Severity ?
Summary
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9824.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.932Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343481"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=69490f5cffbda612e15a2985699455bb0b45e276"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9824."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-30T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343481"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=69490f5cffbda612e15a2985699455bb0b45e276"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9825",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9824."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343481",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343481"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=69490f5cffbda612e15a2985699455bb0b45e276",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=69490f5cffbda612e15a2985699455bb0b45e276"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9825",
    "datePublished": "2017-03-30T15:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.932Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-18210
Vulnerability from cvelistv5
Published
2018-03-01 20:00
Modified
2024-08-05 21:13
Severity ?
Summary
In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function BenchmarkOpenCLDevices in MagickCore/opencl.c because a memory allocation result is not checked.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:13:49.149Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/791"
          },
          {
            "name": "103212",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/103212"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-03-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function BenchmarkOpenCLDevices in MagickCore/opencl.c because a memory allocation result is not checked."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-03-06T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/791"
        },
        {
          "name": "103212",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/103212"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-18210",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function BenchmarkOpenCLDevices in MagickCore/opencl.c because a memory allocation result is not checked."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/791",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/791"
            },
            {
              "name": "103212",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/103212"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-18210",
    "datePublished": "2018-03-01T20:00:00",
    "dateReserved": "2018-03-01T00:00:00",
    "dateUpdated": "2024-08-05T21:13:49.149Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-6502
Vulnerability from cvelistv5
Published
2017-03-06 02:00
Modified
2024-08-05 15:33
Severity ?
Summary
An issue was discovered in ImageMagick 6.9.7. A specially crafted webp file could lead to a file-descriptor leak in libmagickcore (thus, a DoS).
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:33:19.044Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/126c7c98ea788241922c30df4a5633ea692cf8df"
          },
          {
            "name": "96763",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/96763"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-03-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in ImageMagick 6.9.7. A specially crafted webp file could lead to a file-descriptor leak in libmagickcore (thus, a DoS)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/126c7c98ea788241922c30df4a5633ea692cf8df"
        },
        {
          "name": "96763",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/96763"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-6502",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in ImageMagick 6.9.7. A specially crafted webp file could lead to a file-descriptor leak in libmagickcore (thus, a DoS)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/126c7c98ea788241922c30df4a5633ea692cf8df",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/126c7c98ea788241922c30df4a5633ea692cf8df"
            },
            {
              "name": "96763",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/96763"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-6502",
    "datePublished": "2017-03-06T02:00:00",
    "dateReserved": "2017-03-05T00:00:00",
    "dateUpdated": "2024-08-05T15:33:19.044Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-17680
Vulnerability from cvelistv5
Published
2017-12-14 06:00
Modified
2024-08-05 20:59
Severity ?
Summary
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted xpm image file.
References
https://github.com/ImageMagick/ImageMagick/issues/873x_refsource_CONFIRM
http://www.securityfocus.com/bid/102203vdb-entry, x_refsource_BID
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T20:59:17.320Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/873"
          },
          {
            "name": "102203",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102203"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted xpm image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/873"
        },
        {
          "name": "102203",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102203"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17680",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted xpm image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/873",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/873"
            },
            {
              "name": "102203",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102203"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17680",
    "datePublished": "2017-12-14T06:00:00",
    "dateReserved": "2017-12-13T00:00:00",
    "dateUpdated": "2024-08-05T20:59:17.320Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-12979
Vulnerability from cvelistv5
Published
2019-06-26 17:09
Modified
2024-08-04 23:41
Severity ?
Summary
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:41:09.181Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1522"
          },
          {
            "name": "108913",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108913"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          },
          {
            "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-19T01:06:10",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1522"
        },
        {
          "name": "108913",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108913"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        },
        {
          "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-12979",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1522",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1522"
            },
            {
              "name": "108913",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108913"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            },
            {
              "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-12979",
    "datePublished": "2019-06-26T17:09:24",
    "dateReserved": "2019-06-26T00:00:00",
    "dateUpdated": "2024-08-04T23:41:09.181Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-9135
Vulnerability from cvelistv5
Published
2018-03-30 08:00
Modified
2024-08-05 07:17
Severity ?
Summary
In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in IsWEBPImageLossless in coders/webp.c.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:17:51.367Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1009"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-03-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in IsWEBPImageLossless in coders/webp.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-03-30T07:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1009"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-9135",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in IsWEBPImageLossless in coders/webp.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1009",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1009"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-9135",
    "datePublished": "2018-03-30T08:00:00",
    "dateReserved": "2018-03-30T00:00:00",
    "dateUpdated": "2024-08-05T07:17:51.367Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9915
Vulnerability from cvelistv5
Published
2017-03-23 17:00
Modified
2024-08-06 14:02
Severity ?
Summary
Off-by-one error in ImageMagick before 6.6.0-4 allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM profile.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T14:02:36.687Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410436"
          },
          {
            "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Off-by-one error in ImageMagick before 6.6.0-4 allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM profile."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-23T16:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410436"
        },
        {
          "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9915",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Off-by-one error in ImageMagick before 6.6.0-4 allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM profile."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410436",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410436"
            },
            {
              "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9915",
    "datePublished": "2017-03-23T17:00:00",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-08-06T14:02:36.687Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12877
Vulnerability from cvelistv5
Published
2017-08-28 19:00
Modified
2024-08-05 18:51
Severity ?
Summary
Use-after-free vulnerability in the DestroyImage function in image.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:51:06.782Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20170816 imagemagick: use-after-free in DestroyImage (image.c)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2017/08/16/2"
          },
          {
            "name": "DSA-4040",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4040"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/04178de2247e353fc095846784b9a10fefdbf890"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "name": "DSA-4074",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4074"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://blogs.gentoo.org/ago/2017/08/10/imagemagick-use-after-free-in-destroyimage-image-c/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Use-after-free vulnerability in the DestroyImage function in image.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20170816 imagemagick: use-after-free in DestroyImage (image.c)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2017/08/16/2"
        },
        {
          "name": "DSA-4040",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4040"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/04178de2247e353fc095846784b9a10fefdbf890"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "name": "DSA-4074",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4074"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://blogs.gentoo.org/ago/2017/08/10/imagemagick-use-after-free-in-destroyimage-image-c/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12877",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Use-after-free vulnerability in the DestroyImage function in image.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20170816 imagemagick: use-after-free in DestroyImage (image.c)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2017/08/16/2"
            },
            {
              "name": "DSA-4040",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4040"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/04178de2247e353fc095846784b9a10fefdbf890",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/04178de2247e353fc095846784b9a10fefdbf890"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "DSA-4074",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4074"
            },
            {
              "name": "https://blogs.gentoo.org/ago/2017/08/10/imagemagick-use-after-free-in-destroyimage-image-c/",
              "refsource": "MISC",
              "url": "https://blogs.gentoo.org/ago/2017/08/10/imagemagick-use-after-free-in-destroyimage-image-c/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12877",
    "datePublished": "2017-08-28T19:00:00",
    "dateReserved": "2017-08-15T00:00:00",
    "dateUpdated": "2024-08-05T18:51:06.782Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-1114
Vulnerability from cvelistv5
Published
2022-04-29 15:38
Modified
2024-08-02 23:55
Severity ?
Summary
A heap-use-after-free flaw was found in ImageMagick's RelinquishDCMInfo() function of dcm.c file. This vulnerability is triggered when an attacker passes a specially crafted DICOM image file to ImageMagick for conversion, potentially leading to information disclosure and a denial of service.
References
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:55:23.392Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064538"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick6 v6.9.12-43, ImageMagick7 v7.1.0-28"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A heap-use-after-free flaw was found in ImageMagick\u0027s RelinquishDCMInfo() function of dcm.c file. This vulnerability is triggered when an attacker passes a specially crafted DICOM image file to ImageMagick for conversion, potentially leading to information disclosure and a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-29T15:38:57",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064538"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2022-1114",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ImageMagick",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "ImageMagick6 v6.9.12-43, ImageMagick7 v7.1.0-28"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A heap-use-after-free flaw was found in ImageMagick\u0027s RelinquishDCMInfo() function of dcm.c file. This vulnerability is triggered when an attacker passes a specially crafted DICOM image file to ImageMagick for conversion, potentially leading to information disclosure and a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-416"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2064538",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064538"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2022-1114",
    "datePublished": "2022-04-29T15:38:57",
    "dateReserved": "2022-03-28T00:00:00",
    "dateUpdated": "2024-08-02T23:55:23.392Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11522
Vulnerability from cvelistv5
Published
2017-07-22 21:00
Modified
2024-09-16 19:40
Severity ?
Summary
The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:40.154Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/816ecab6c532ae086ff4186b3eaf4aa7092d536f"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/869209"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/586"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-22T21:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/816ecab6c532ae086ff4186b3eaf4aa7092d536f"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/869209"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/586"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11522",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/816ecab6c532ae086ff4186b3eaf4aa7092d536f",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/816ecab6c532ae086ff4186b3eaf4aa7092d536f"
            },
            {
              "name": "https://bugs.debian.org/869209",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/869209"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/586",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/586"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11522",
    "datePublished": "2017-07-22T21:00:00Z",
    "dateReserved": "2017-07-22T00:00:00Z",
    "dateUpdated": "2024-09-16T19:40:08.143Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-16712
Vulnerability from cvelistv5
Published
2019-09-23 11:45
Modified
2024-08-05 01:17
Severity ?
Summary
ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:17:41.083Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1557"
          },
          {
            "name": "openSUSE-SU-2019:2515",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
          },
          {
            "name": "openSUSE-SU-2019:2519",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-11-17T18:07:11",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1557"
        },
        {
          "name": "openSUSE-SU-2019:2515",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
        },
        {
          "name": "openSUSE-SU-2019:2519",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-16712",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1557",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1557"
            },
            {
              "name": "openSUSE-SU-2019:2515",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
            },
            {
              "name": "openSUSE-SU-2019:2519",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-16712",
    "datePublished": "2019-09-23T11:45:42",
    "dateReserved": "2019-09-23T00:00:00",
    "dateUpdated": "2024-08-05T01:17:41.083Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-10928
Vulnerability from cvelistv5
Published
2017-07-05 11:00
Modified
2024-08-05 17:50
Severity ?
Summary
In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue function in coders/svg.c.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:50:12.720Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/539"
          },
          {
            "name": "99480",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99480"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue function in coders/svg.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/539"
        },
        {
          "name": "99480",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99480"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-10928",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue function in coders/svg.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/539",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/539"
            },
            {
              "name": "99480",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99480"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-10928",
    "datePublished": "2017-07-05T11:00:00",
    "dateReserved": "2017-07-05T00:00:00",
    "dateUpdated": "2024-08-05T17:50:12.720Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-13141
Vulnerability from cvelistv5
Published
2017-08-23 06:00
Modified
2024-08-05 18:58
Severity ?
Summary
In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could trigger a memory leak in ReadOnePNGImage in coders/png.c.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:12.331Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870116"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/600"
          },
          {
            "name": "DSA-4019",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4019"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could trigger a memory leak in ReadOnePNGImage in coders/png.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-12T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870116"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/600"
        },
        {
          "name": "DSA-4019",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4019"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-13141",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could trigger a memory leak in ReadOnePNGImage in coders/png.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870116",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870116"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/600",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/600"
            },
            {
              "name": "DSA-4019",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4019"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-13141",
    "datePublished": "2017-08-23T06:00:00",
    "dateReserved": "2017-08-23T00:00:00",
    "dateUpdated": "2024-08-05T18:58:12.331Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-18272
Vulnerability from cvelistv5
Published
2018-05-18 19:00
Modified
2024-09-16 16:22
Severity ?
Summary
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-25, there is a use-after-free in ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted MNG image file that is mishandled in an MngInfoDiscardObject call.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:13:49.213Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/918"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-25, there is a use-after-free in ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted MNG image file that is mishandled in an MngInfoDiscardObject call."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-05-18T19:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/918"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-18272",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-25, there is a use-after-free in ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted MNG image file that is mishandled in an MngInfoDiscardObject call."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/918",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/918"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-18272",
    "datePublished": "2018-05-18T19:00:00Z",
    "dateReserved": "2018-05-18T00:00:00Z",
    "dateUpdated": "2024-09-16T16:22:46.654Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9806
Vulnerability from cvelistv5
Published
2017-03-30 15:00
Modified
2024-08-06 13:55
Severity ?
Summary
ImageMagick allows remote attackers to cause a denial of service (file descriptor consumption) via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.602Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343462"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick allows remote attackers to cause a denial of service (file descriptor consumption) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-30T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343462"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9806",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick allows remote attackers to cause a denial of service (file descriptor consumption) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343462",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343462"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9806",
    "datePublished": "2017-03-30T15:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.602Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-13302
Vulnerability from cvelistv5
Published
2019-07-05 00:52
Modified
2024-08-04 23:49
Severity ?
Summary
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/fourier.c in ComplexImages.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:49:24.647Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1597"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/d5089971bd792311aaab5cb73460326d7ef7f32d"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/fourier.c in ComplexImages."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-21T14:06:17",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1597"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/d5089971bd792311aaab5cb73460326d7ef7f32d"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13302",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/fourier.c in ComplexImages."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1597",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1597"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/d5089971bd792311aaab5cb73460326d7ef7f32d",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/d5089971bd792311aaab5cb73460326d7ef7f32d"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13302",
    "datePublished": "2019-07-05T00:52:44",
    "dateReserved": "2019-07-04T00:00:00",
    "dateUpdated": "2024-08-04T23:49:24.647Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7519
Vulnerability from cvelistv5
Published
2017-04-19 14:00
Modified
2024-08-06 01:57
Severity ?
Summary
The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:57:47.643Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378746"
          },
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533445"
          },
          {
            "name": "93131",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93131"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/82"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-20T09:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378746"
        },
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533445"
        },
        {
          "name": "93131",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93131"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/82"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-7519",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378746",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378746"
            },
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533445",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533445"
            },
            {
              "name": "93131",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93131"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/82",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/82"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-7519",
    "datePublished": "2017-04-19T14:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T01:57:47.643Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-5247
Vulnerability from cvelistv5
Published
2018-01-05 19:00
Modified
2024-08-05 05:33
Severity ?
Summary
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/928x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T05:33:42.720Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/928"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-01-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/928"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-5247",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/928",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/928"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-5247",
    "datePublished": "2018-01-05T19:00:00",
    "dateReserved": "2018-01-05T00:00:00",
    "dateUpdated": "2024-08-05T05:33:42.720Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-9556
Vulnerability from cvelistv5
Published
2017-03-23 18:00
Modified
2024-08-06 02:50
Severity ?
Summary
The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:50:38.583Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "94492",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/94492"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/ce98a7acbcfca7f0a178f4b1e7b957e419e0cc99"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://blogs.gentoo.org/ago/2016/11/19/imagemagick-heap-based-buffer-overflow-in-ispixelgray-pixel-accessor-h"
          },
          {
            "name": "openSUSE-SU-2016:3024",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00040.html"
          },
          {
            "name": "[oss-security] 20161122 Re: imagemagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/11/23/1"
          },
          {
            "name": "[oss-security] 20161202 Re: Re: imagemagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h) (Incomplete fix for CVE-2016-9556)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/02/12"
          },
          {
            "name": "[oss-security] 20161201 imagemagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h) (Incomplete fix for CVE-2016-9556)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/01/4"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1398198"
          },
          {
            "name": "DSA-3726",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3726"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-11-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-23T17:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "94492",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/94492"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/ce98a7acbcfca7f0a178f4b1e7b957e419e0cc99"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://blogs.gentoo.org/ago/2016/11/19/imagemagick-heap-based-buffer-overflow-in-ispixelgray-pixel-accessor-h"
        },
        {
          "name": "openSUSE-SU-2016:3024",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00040.html"
        },
        {
          "name": "[oss-security] 20161122 Re: imagemagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/11/23/1"
        },
        {
          "name": "[oss-security] 20161202 Re: Re: imagemagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h) (Incomplete fix for CVE-2016-9556)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/02/12"
        },
        {
          "name": "[oss-security] 20161201 imagemagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h) (Incomplete fix for CVE-2016-9556)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/01/4"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1398198"
        },
        {
          "name": "DSA-3726",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3726"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-9556",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "94492",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/94492"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/ce98a7acbcfca7f0a178f4b1e7b957e419e0cc99",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/ce98a7acbcfca7f0a178f4b1e7b957e419e0cc99"
            },
            {
              "name": "https://blogs.gentoo.org/ago/2016/11/19/imagemagick-heap-based-buffer-overflow-in-ispixelgray-pixel-accessor-h",
              "refsource": "MISC",
              "url": "https://blogs.gentoo.org/ago/2016/11/19/imagemagick-heap-based-buffer-overflow-in-ispixelgray-pixel-accessor-h"
            },
            {
              "name": "openSUSE-SU-2016:3024",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00040.html"
            },
            {
              "name": "[oss-security] 20161122 Re: imagemagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/11/23/1"
            },
            {
              "name": "[oss-security] 20161202 Re: Re: imagemagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h) (Incomplete fix for CVE-2016-9556)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/02/12"
            },
            {
              "name": "[oss-security] 20161201 imagemagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h) (Incomplete fix for CVE-2016-9556)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/01/4"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1398198",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1398198"
            },
            {
              "name": "DSA-3726",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3726"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-9556",
    "datePublished": "2017-03-23T18:00:00",
    "dateReserved": "2016-11-22T00:00:00",
    "dateUpdated": "2024-08-06T02:50:38.583Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14139
Vulnerability from cvelistv5
Published
2017-09-04 23:00
Modified
2024-08-05 19:20
Severity ?
Summary
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMSLImage in coders/msl.c.
References
https://security.gentoo.org/glsa/201711-07vendor-advisory, x_refsource_GENTOO
https://github.com/ImageMagick/ImageMagick/issues/578x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:20:40.557Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/578"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMSLImage in coders/msl.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-12T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/578"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14139",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMSLImage in coders/msl.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/578",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/578"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14139",
    "datePublished": "2017-09-04T23:00:00",
    "dateReserved": "2017-09-04T00:00:00",
    "dateUpdated": "2024-08-05T19:20:40.557Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-11470
Vulnerability from cvelistv5
Published
2019-04-23 13:54
Modified
2024-08-04 22:55
Severity ?
Summary
The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:55:40.546Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1472"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/e3cdce6fe12193f235b8c0ae5efe6880a25eb957"
          },
          {
            "name": "openSUSE-SU-2019:1603",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          },
          {
            "name": "FEDORA-2019-da4c20882c",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/"
          },
          {
            "name": "FEDORA-2019-425a1aa7c9",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/"
          },
          {
            "name": "openSUSE-SU-2019:1683",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html"
          },
          {
            "name": "[debian-lts-announce] 20191021 [SECURITY] [DLA 1968-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          },
          {
            "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-19T01:06:21",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1472"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/e3cdce6fe12193f235b8c0ae5efe6880a25eb957"
        },
        {
          "name": "openSUSE-SU-2019:1603",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        },
        {
          "name": "FEDORA-2019-da4c20882c",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/"
        },
        {
          "name": "FEDORA-2019-425a1aa7c9",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/"
        },
        {
          "name": "openSUSE-SU-2019:1683",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html"
        },
        {
          "name": "[debian-lts-announce] 20191021 [SECURITY] [DLA 1968-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        },
        {
          "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-11470",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1472",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1472"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/e3cdce6fe12193f235b8c0ae5efe6880a25eb957",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/e3cdce6fe12193f235b8c0ae5efe6880a25eb957"
            },
            {
              "name": "openSUSE-SU-2019:1603",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            },
            {
              "name": "FEDORA-2019-da4c20882c",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/"
            },
            {
              "name": "FEDORA-2019-425a1aa7c9",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/"
            },
            {
              "name": "openSUSE-SU-2019:1683",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html"
            },
            {
              "name": "[debian-lts-announce] 20191021 [SECURITY] [DLA 1968-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            },
            {
              "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-11470",
    "datePublished": "2019-04-23T13:54:54",
    "dateReserved": "2019-04-23T00:00:00",
    "dateUpdated": "2024-08-04T22:55:40.546Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9843
Vulnerability from cvelistv5
Published
2017-03-20 16:00
Modified
2024-08-06 13:55
Severity ?
Summary
The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.600Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "openSUSE-SU-2016:1833",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "openSUSE-SU-2016:1748",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
          },
          {
            "name": "SUSE-SU-2016:1784",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
          },
          {
            "name": "USN-3131-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3131-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343501"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=b8df15144d91a19ed545893ea492363635a1cb29"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-20T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "openSUSE-SU-2016:1833",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "openSUSE-SU-2016:1748",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
        },
        {
          "name": "SUSE-SU-2016:1784",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
        },
        {
          "name": "USN-3131-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3131-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343501"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=b8df15144d91a19ed545893ea492363635a1cb29"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9843",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "openSUSE-SU-2016:1833",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "openSUSE-SU-2016:1748",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
            },
            {
              "name": "SUSE-SU-2016:1784",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
            },
            {
              "name": "USN-3131-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3131-1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343501",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343501"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=b8df15144d91a19ed545893ea492363635a1cb29",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=b8df15144d91a19ed545893ea492363635a1cb29"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9843",
    "datePublished": "2017-03-20T16:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.600Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-32545
Vulnerability from cvelistv5
Published
2022-06-16 00:00
Modified
2024-08-03 07:46
Severity ?
Summary
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T07:46:43.464Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091811"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/9c9a84cec4ab28ee0b57c2b9266d6fbe68183512"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/450949ed017f009b399c937cf362f0058eacc5fa"
          },
          {
            "name": "[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in ImageMagick 6.9.12-43, ImageMagick 7.1.0-28"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in ImageMagick, causing an outside the range of representable values of type \u0027unsigned char\u0027 at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190 - Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-22T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091811"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick/commit/9c9a84cec4ab28ee0b57c2b9266d6fbe68183512"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/450949ed017f009b399c937cf362f0058eacc5fa"
        },
        {
          "name": "[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2022-32545",
    "datePublished": "2022-06-16T00:00:00",
    "dateReserved": "2022-06-08T00:00:00",
    "dateUpdated": "2024-08-03T07:46:43.464Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12675
Vulnerability from cvelistv5
Published
2017-08-07 21:00
Modified
2024-09-17 01:56
Severity ?
Summary
In ImageMagick 7.0.6-3, a missing check for multidimensional data was found in coders/mat.c, leading to a memory leak in the function ReadImage in MagickCore/constitute.c, which allows attackers to cause a denial of service.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:56.639Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/616"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-3, a missing check for multidimensional data was found in coders/mat.c, leading to a memory leak in the function ReadImage in MagickCore/constitute.c, which allows attackers to cause a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T21:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/616"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12675",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-3, a missing check for multidimensional data was found in coders/mat.c, leading to a memory leak in the function ReadImage in MagickCore/constitute.c, which allows attackers to cause a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/616",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/616"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12675",
    "datePublished": "2017-08-07T21:00:00Z",
    "dateReserved": "2017-08-07T00:00:00Z",
    "dateUpdated": "2024-09-17T01:56:37.570Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9846
Vulnerability from cvelistv5
Published
2017-03-20 16:00
Modified
2024-08-06 13:55
Severity ?
Summary
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.941Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "openSUSE-SU-2016:2073",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html"
          },
          {
            "name": "openSUSE-SU-2016:1833",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
          },
          {
            "name": "openSUSE-SU-2016:3060",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00028.html"
          },
          {
            "name": "openSUSE-SU-2016:1724",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html"
          },
          {
            "name": "SUSE-SU-2016:1782",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "openSUSE-SU-2016:1748",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
          },
          {
            "name": "SUSE-SU-2016:1784",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=2d90693af41a363a988a9db3a91a15f9ca7c7370"
          },
          {
            "name": "SUSE-SU-2016:1783",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343504"
          },
          {
            "name": "USN-3131-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3131-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-20T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "openSUSE-SU-2016:2073",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html"
        },
        {
          "name": "openSUSE-SU-2016:1833",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
        },
        {
          "name": "openSUSE-SU-2016:3060",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00028.html"
        },
        {
          "name": "openSUSE-SU-2016:1724",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html"
        },
        {
          "name": "SUSE-SU-2016:1782",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "openSUSE-SU-2016:1748",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
        },
        {
          "name": "SUSE-SU-2016:1784",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=2d90693af41a363a988a9db3a91a15f9ca7c7370"
        },
        {
          "name": "SUSE-SU-2016:1783",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343504"
        },
        {
          "name": "USN-3131-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3131-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9846",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "openSUSE-SU-2016:2073",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html"
            },
            {
              "name": "openSUSE-SU-2016:1833",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
            },
            {
              "name": "openSUSE-SU-2016:3060",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00028.html"
            },
            {
              "name": "openSUSE-SU-2016:1724",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html"
            },
            {
              "name": "SUSE-SU-2016:1782",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "openSUSE-SU-2016:1748",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
            },
            {
              "name": "SUSE-SU-2016:1784",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=2d90693af41a363a988a9db3a91a15f9ca7c7370",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=2d90693af41a363a988a9db3a91a15f9ca7c7370"
            },
            {
              "name": "SUSE-SU-2016:1783",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343504",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343504"
            },
            {
              "name": "USN-3131-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3131-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9846",
    "datePublished": "2017-03-20T16:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.941Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9817
Vulnerability from cvelistv5
Published
2017-03-30 15:00
Modified
2024-08-06 13:55
Severity ?
Summary
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pdb file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.543Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343473"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=e24de96ab25b396ae914a7640ff4d61e58c40cf0"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pdb file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-30T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343473"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=e24de96ab25b396ae914a7640ff4d61e58c40cf0"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9817",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pdb file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343473",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343473"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=e24de96ab25b396ae914a7640ff4d61e58c40cf0",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=e24de96ab25b396ae914a7640ff4d61e58c40cf0"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9817",
    "datePublished": "2017-03-30T15:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.543Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11352
Vulnerability from cvelistv5
Published
2017-07-17 01:00
Modified
2024-08-05 18:05
Severity ?
Summary
In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9144.
References
https://www.debian.org/security/2017/dsa-4040vendor-advisory, x_refsource_DEBIAN
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://bugs.debian.org/868469x_refsource_CONFIRM
http://www.securityfocus.com/bid/99600vdb-entry, x_refsource_BID
https://github.com/ImageMagick/ImageMagick/issues/502x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:05:30.582Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-4040",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4040"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/868469"
          },
          {
            "name": "99600",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99600"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/502"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9144."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-4040",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4040"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/868469"
        },
        {
          "name": "99600",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99600"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/502"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11352",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9144."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-4040",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4040"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://bugs.debian.org/868469",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/868469"
            },
            {
              "name": "99600",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99600"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/502",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/502"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11352",
    "datePublished": "2017-07-17T01:00:00",
    "dateReserved": "2017-07-16T00:00:00",
    "dateUpdated": "2024-08-05T18:05:30.582Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-20224
Vulnerability from cvelistv5
Published
2022-08-25 00:00
Modified
2024-08-03 17:30
Severity ?
Summary
An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range of representable for the 'unsigned char'. When ImageMagick processes a crafted pdf file, this could lead to an undefined behaviour or a crash.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:30:07.484Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/pull/3083"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/5af1dffa4b6ab984b5f13d1e91c95760d75f12a6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/553054c1cb1e4e05ec86237afef76a32cd7c464d"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in ImageMagick-7.0.10-57, ImageMagick6-6.9.11-57"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An integer overflow issue was discovered in ImageMagick\u0027s ExportIndexQuantum() function in MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range of representable for the \u0027unsigned char\u0027. When ImageMagick processes a crafted pdf file, this could lead to an undefined behaviour or a crash."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190 - Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://github.com/ImageMagick/ImageMagick/pull/3083"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick/commit/5af1dffa4b6ab984b5f13d1e91c95760d75f12a6"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/553054c1cb1e4e05ec86237afef76a32cd7c464d"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2021-20224",
    "datePublished": "2022-08-25T00:00:00",
    "dateReserved": "2020-12-17T00:00:00",
    "dateUpdated": "2024-08-03T17:30:07.484Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9822
Vulnerability from cvelistv5
Published
2017-03-30 15:00
Modified
2024-08-06 13:55
Severity ?
Summary
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted quantum file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.551Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343478"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=09561d37839dbfa04e017eea14811312985095d8"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted quantum file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-30T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343478"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=09561d37839dbfa04e017eea14811312985095d8"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9822",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted quantum file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343478",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343478"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=09561d37839dbfa04e017eea14811312985095d8",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=09561d37839dbfa04e017eea14811312985095d8"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9822",
    "datePublished": "2017-03-30T15:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.551Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9818
Vulnerability from cvelistv5
Published
2017-03-30 15:00
Modified
2024-08-06 13:55
Severity ?
Summary
ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a malformed sun file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.487Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=8e72cbfca8db81132319af14d1f33a3e833666d7"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343474"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a malformed sun file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-30T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=8e72cbfca8db81132319af14d1f33a3e833666d7"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343474"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9818",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a malformed sun file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=8e72cbfca8db81132319af14d1f33a3e833666d7",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=8e72cbfca8db81132319af14d1f33a3e833666d7"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343474",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343474"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9818",
    "datePublished": "2017-03-30T15:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.487Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27758
Vulnerability from cvelistv5
Published
2020-12-08 00:00
Modified
2024-08-04 16:18
Severity ?
Summary
A flaw was found in ImageMagick in coders/txt.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned long long`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.8-68.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.841Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894236"
          },
          {
            "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "prior to 7.0.8-68"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in ImageMagick in coders/txt.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned long long`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.8-68."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894236"
        },
        {
          "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27758",
    "datePublished": "2020-12-08T00:00:00",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.841Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-13295
Vulnerability from cvelistv5
Published
2019-07-05 00:50
Modified
2024-08-04 23:49
Severity ?
Summary
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:49:24.570Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1608"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/a7759f410b773a1dd57b0e1fb28112e1cd8b97bc"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/55e6dc49f1a381d9d511ee2f888fdc3e3c3e3953"
          },
          {
            "name": "[debian-lts-announce] 20190816 [SECURITY] [DLA 1888-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          },
          {
            "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-19T01:06:25",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1608"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/a7759f410b773a1dd57b0e1fb28112e1cd8b97bc"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/55e6dc49f1a381d9d511ee2f888fdc3e3c3e3953"
        },
        {
          "name": "[debian-lts-announce] 20190816 [SECURITY] [DLA 1888-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        },
        {
          "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13295",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1608",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1608"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/a7759f410b773a1dd57b0e1fb28112e1cd8b97bc",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/a7759f410b773a1dd57b0e1fb28112e1cd8b97bc"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick6/commit/55e6dc49f1a381d9d511ee2f888fdc3e3c3e3953",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick6/commit/55e6dc49f1a381d9d511ee2f888fdc3e3c3e3953"
            },
            {
              "name": "[debian-lts-announce] 20190816 [SECURITY] [DLA 1888-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            },
            {
              "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13295",
    "datePublished": "2019-07-05T00:50:46",
    "dateReserved": "2019-07-04T00:00:00",
    "dateUpdated": "2024-08-04T23:49:24.570Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27750
Vulnerability from cvelistv5
Published
2020-12-08 00:00
Modified
2024-08-04 16:18
Severity ?
Summary
A flaw was found in ImageMagick in MagickCore/colorspace-private.h and MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char` and math division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.8-68.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.842Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891984"
          },
          {
            "name": "[debian-lts-announce] 20210112 [SECURITY] [DLA 2523-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "prior to 7.0.8-68"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in ImageMagick in MagickCore/colorspace-private.h and MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char` and math division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.8-68."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-369",
              "description": "CWE-369",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891984"
        },
        {
          "name": "[debian-lts-announce] 20210112 [SECURITY] [DLA 2523-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27750",
    "datePublished": "2020-12-08T00:00:00",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.842Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-12978
Vulnerability from cvelistv5
Published
2019-06-26 17:09
Modified
2024-08-04 23:41
Severity ?
Summary
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the ReadPANGOImage function in coders/pango.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:41:09.173Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1519"
          },
          {
            "name": "108913",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108913"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          },
          {
            "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the ReadPANGOImage function in coders/pango.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-19T01:06:24",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1519"
        },
        {
          "name": "108913",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108913"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        },
        {
          "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-12978",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the ReadPANGOImage function in coders/pango.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1519",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1519"
            },
            {
              "name": "108913",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108913"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            },
            {
              "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-12978",
    "datePublished": "2019-06-26T17:09:13",
    "dateReserved": "2019-06-26T00:00:00",
    "dateUpdated": "2024-08-04T23:41:09.173Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-20313
Vulnerability from cvelistv5
Published
2021-05-11 00:00
Modified
2024-08-03 17:37
Severity ?
Summary
A flaw was found in ImageMagick in versions before 7.0.11. A potential cipher leak when the calculate signatures in TransformSignature is possible. The highest threat from this vulnerability is to data confidentiality.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:37:23.807Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1947019"
          },
          {
            "name": "[debian-lts-announce] 20210603 [SECURITY] [DLA 2672-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html"
          },
          {
            "name": "[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 7.0.11"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in ImageMagick in versions before 7.0.11. A potential cipher leak when the calculate signatures in TransformSignature is possible. The highest threat from this vulnerability is to data confidentiality."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-22T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1947019"
        },
        {
          "name": "[debian-lts-announce] 20210603 [SECURITY] [DLA 2672-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html"
        },
        {
          "name": "[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2021-20313",
    "datePublished": "2021-05-11T00:00:00",
    "dateReserved": "2020-12-17T00:00:00",
    "dateUpdated": "2024-08-03T17:37:23.807Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14400
Vulnerability from cvelistv5
Published
2017-09-12 21:00
Modified
2024-08-05 19:27
Severity ?
Summary
In ImageMagick 7.0.7-1 Q16, the PersistPixelCache function in magick/cache.c mishandles the pixel cache nexus, which allows remote attackers to cause a denial of service (NULL pointer dereference in the function GetVirtualPixels in MagickCore/cache.c) via a crafted file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:27:40.102Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "100865",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100865"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/746"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-1 Q16, the PersistPixelCache function in magick/cache.c mishandles the pixel cache nexus, which allows remote attackers to cause a denial of service (NULL pointer dereference in the function GetVirtualPixels in MagickCore/cache.c) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:33",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "100865",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100865"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/746"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14400",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-1 Q16, the PersistPixelCache function in magick/cache.c mishandles the pixel cache nexus, which allows remote attackers to cause a denial of service (NULL pointer dereference in the function GetVirtualPixels in MagickCore/cache.c) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "100865",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100865"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/746",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/746"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14400",
    "datePublished": "2017-09-12T21:00:00",
    "dateReserved": "2017-09-12T00:00:00",
    "dateUpdated": "2024-08-05T19:27:40.102Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-12599
Vulnerability from cvelistv5
Published
2018-06-20 18:00
Modified
2024-08-05 08:38
Severity ?
Summary
In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file.
References
https://lists.debian.org/debian-lts-announce/2018/06/msg00004.htmlmailing-list, x_refsource_MLIST
https://usn.ubuntu.com/3711-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/1177x_refsource_CONFIRM
https://www.debian.org/security/2018/dsa-4245vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:38:06.331Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[debian-lts-announce] 20180626 [SECURITY] [DLA 1394-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00004.html"
          },
          {
            "name": "USN-3711-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3711-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1177"
          },
          {
            "name": "DSA-4245",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4245"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-06-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-07-27T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[debian-lts-announce] 20180626 [SECURITY] [DLA 1394-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00004.html"
        },
        {
          "name": "USN-3711-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3711-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1177"
        },
        {
          "name": "DSA-4245",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4245"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-12599",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[debian-lts-announce] 20180626 [SECURITY] [DLA 1394-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00004.html"
            },
            {
              "name": "USN-3711-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3711-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1177",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1177"
            },
            {
              "name": "DSA-4245",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4245"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-12599",
    "datePublished": "2018-06-20T18:00:00",
    "dateReserved": "2018-06-20T00:00:00",
    "dateUpdated": "2024-08-05T08:38:06.331Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-15033
Vulnerability from cvelistv5
Published
2017-10-05 07:00
Modified
2024-08-05 19:42
Severity ?
Summary
ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:42:22.316Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/ef8f40689ac452398026c07da41656a7c87e4683"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-10-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/ef8f40689ac452398026c07da41656a7c87e4683"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-15033",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/ef8f40689ac452398026c07da41656a7c87e4683",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/ef8f40689ac452398026c07da41656a7c87e4683"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-15033",
    "datePublished": "2017-10-05T07:00:00",
    "dateReserved": "2017-10-05T00:00:00",
    "dateUpdated": "2024-08-05T19:42:22.316Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-14981
Vulnerability from cvelistv5
Published
2019-08-12 22:06
Modified
2024-08-05 00:34
Severity ?
Summary
In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:34:53.021Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1552"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/b522d2d857d2f75b659936b59b0da9df1682c256"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/a77d8d97f5a7bced0468f0b08798c83fb67427bc"
          },
          {
            "name": "[debian-lts-announce] 20191021 [SECURITY] [DLA 1968-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "openSUSE-SU-2019:2515",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
          },
          {
            "name": "openSUSE-SU-2019:2519",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          },
          {
            "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-19T01:06:18",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1552"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/b522d2d857d2f75b659936b59b0da9df1682c256"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/a77d8d97f5a7bced0468f0b08798c83fb67427bc"
        },
        {
          "name": "[debian-lts-announce] 20191021 [SECURITY] [DLA 1968-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "openSUSE-SU-2019:2515",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
        },
        {
          "name": "openSUSE-SU-2019:2519",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        },
        {
          "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-14981",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1552",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1552"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick6/commit/b522d2d857d2f75b659936b59b0da9df1682c256",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick6/commit/b522d2d857d2f75b659936b59b0da9df1682c256"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/a77d8d97f5a7bced0468f0b08798c83fb67427bc",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/a77d8d97f5a7bced0468f0b08798c83fb67427bc"
            },
            {
              "name": "[debian-lts-announce] 20191021 [SECURITY] [DLA 1968-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "openSUSE-SU-2019:2515",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
            },
            {
              "name": "openSUSE-SU-2019:2519",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            },
            {
              "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-14981",
    "datePublished": "2019-08-12T22:06:50",
    "dateReserved": "2019-08-12T00:00:00",
    "dateUpdated": "2024-08-05T00:34:53.021Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-15218
Vulnerability from cvelistv5
Published
2017-10-10 20:00
Modified
2024-08-05 19:50
Severity ?
Summary
ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
http://www.securityfocus.com/bid/101233vdb-entry, x_refsource_BID
https://github.com/ImageMagick/ImageMagick/issues/760x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:50:16.425Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "101233",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101233"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/760"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-10-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "101233",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101233"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/760"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-15218",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "101233",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101233"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/760",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/760"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-15218",
    "datePublished": "2017-10-10T20:00:00",
    "dateReserved": "2017-10-10T00:00:00",
    "dateUpdated": "2024-08-05T19:50:16.425Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2006-0082
Vulnerability from cvelistv5
Published
2006-01-04 23:00
Modified
2024-08-07 16:18
Severity ?
Summary
Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name, a variant of CVE-2005-0397, and as demonstrated using the convert program.
References
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10717vdb-entry, signature, x_refsource_OVAL
http://secunia.com/advisories/19408third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/452718/100/100/threadedmailing-list, x_refsource_BUGTRAQ
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345876x_refsource_CONFIRM
http://www.novell.com/linux/security/advisories/2006_06_sr.htmlvendor-advisory, x_refsource_SUSE
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.341682vendor-advisory, x_refsource_SLACKWARE
http://secunia.com/advisories/18851third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2008/0412vdb-entry, x_refsource_VUPEN
http://www.mandriva.com/security/advisories?name=MDKSA-2006:024vendor-advisory, x_refsource_MANDRIVA
http://www.gentoo.org/security/en/glsa/glsa-200602-13.xmlvendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/23090third-party-advisory, x_refsource_SECUNIA
http://securitytracker.com/id?1015623vdb-entry, x_refsource_SECTRACK
https://issues.rpath.com/browse/RPL-389x_refsource_CONFIRM
http://secunia.com/advisories/18607third-party-advisory, x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1vendor-advisory, x_refsource_SUNALERT
http://www.ubuntu.com/usn/usn-246-1vendor-advisory, x_refsource_UBUNTU
http://www.gentoo.org/security/en/glsa/glsa-200602-06.xmlvendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/18871third-party-advisory, x_refsource_SECUNIA
http://securityreason.com/securityalert/500third-party-advisory, x_refsource_SREASON
http://secunia.com/advisories/28800third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/12717vdb-entry, x_refsource_BID
http://secunia.com/advisories/22998third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18261third-party-advisory, x_refsource_SECUNIA
ftp://patches.sgi.com/support/free/security/advisories/20060301-01.U.ascvendor-advisory, x_refsource_SGI
http://www.debian.org/security/2006/dsa-1213vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/19030third-party-advisory, x_refsource_SECUNIA
http://rhn.redhat.com/errata/RHSA-2006-0178.htmlvendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/19183third-party-advisory, x_refsource_SECUNIA
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:18:20.755Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:10717",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10717"
          },
          {
            "name": "19408",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19408"
          },
          {
            "name": "20061127 rPSA-2006-0218-1 ImageMagick",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/452718/100/100/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345876"
          },
          {
            "name": "SUSE-SR:2006:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2006_06_sr.html"
          },
          {
            "name": "SSA:2006-045-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.341682"
          },
          {
            "name": "18851",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18851"
          },
          {
            "name": "ADV-2008-0412",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0412"
          },
          {
            "name": "MDKSA-2006:024",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:024"
          },
          {
            "name": "GLSA-200602-13.xml",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-13.xml"
          },
          {
            "name": "23090",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23090"
          },
          {
            "name": "1015623",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015623"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-389"
          },
          {
            "name": "18607",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18607"
          },
          {
            "name": "231321",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
          },
          {
            "name": "USN-246-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-246-1"
          },
          {
            "name": "GLSA-200602-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-06.xml"
          },
          {
            "name": "18871",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18871"
          },
          {
            "name": "500",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/500"
          },
          {
            "name": "28800",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28800"
          },
          {
            "name": "12717",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12717"
          },
          {
            "name": "22998",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22998"
          },
          {
            "name": "18261",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18261"
          },
          {
            "name": "20060301-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060301-01.U.asc"
          },
          {
            "name": "DSA-1213",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1213"
          },
          {
            "name": "19030",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19030"
          },
          {
            "name": "RHSA-2006:0178",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2006-0178.html"
          },
          {
            "name": "19183",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19183"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name, a variant of CVE-2005-0397, and as demonstrated using the convert program."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:10717",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10717"
        },
        {
          "name": "19408",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19408"
        },
        {
          "name": "20061127 rPSA-2006-0218-1 ImageMagick",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/452718/100/100/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345876"
        },
        {
          "name": "SUSE-SR:2006:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2006_06_sr.html"
        },
        {
          "name": "SSA:2006-045-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.341682"
        },
        {
          "name": "18851",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18851"
        },
        {
          "name": "ADV-2008-0412",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0412"
        },
        {
          "name": "MDKSA-2006:024",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:024"
        },
        {
          "name": "GLSA-200602-13.xml",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-13.xml"
        },
        {
          "name": "23090",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23090"
        },
        {
          "name": "1015623",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015623"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-389"
        },
        {
          "name": "18607",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18607"
        },
        {
          "name": "231321",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
        },
        {
          "name": "USN-246-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-246-1"
        },
        {
          "name": "GLSA-200602-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-06.xml"
        },
        {
          "name": "18871",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18871"
        },
        {
          "name": "500",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/500"
        },
        {
          "name": "28800",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28800"
        },
        {
          "name": "12717",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12717"
        },
        {
          "name": "22998",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22998"
        },
        {
          "name": "18261",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18261"
        },
        {
          "name": "20060301-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060301-01.U.asc"
        },
        {
          "name": "DSA-1213",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1213"
        },
        {
          "name": "19030",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19030"
        },
        {
          "name": "RHSA-2006:0178",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2006-0178.html"
        },
        {
          "name": "19183",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19183"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2006-0082",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name, a variant of CVE-2005-0397, and as demonstrated using the convert program."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:10717",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10717"
            },
            {
              "name": "19408",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19408"
            },
            {
              "name": "20061127 rPSA-2006-0218-1 ImageMagick",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/452718/100/100/threaded"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345876",
              "refsource": "CONFIRM",
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345876"
            },
            {
              "name": "SUSE-SR:2006:006",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2006_06_sr.html"
            },
            {
              "name": "SSA:2006-045-03",
              "refsource": "SLACKWARE",
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.341682"
            },
            {
              "name": "18851",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18851"
            },
            {
              "name": "ADV-2008-0412",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0412"
            },
            {
              "name": "MDKSA-2006:024",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:024"
            },
            {
              "name": "GLSA-200602-13.xml",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-13.xml"
            },
            {
              "name": "23090",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23090"
            },
            {
              "name": "1015623",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015623"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-389",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-389"
            },
            {
              "name": "18607",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18607"
            },
            {
              "name": "231321",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
            },
            {
              "name": "USN-246-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-246-1"
            },
            {
              "name": "GLSA-200602-06",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-06.xml"
            },
            {
              "name": "18871",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18871"
            },
            {
              "name": "500",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/500"
            },
            {
              "name": "28800",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28800"
            },
            {
              "name": "12717",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/12717"
            },
            {
              "name": "22998",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22998"
            },
            {
              "name": "18261",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18261"
            },
            {
              "name": "20060301-01-U",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20060301-01.U.asc"
            },
            {
              "name": "DSA-1213",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1213"
            },
            {
              "name": "19030",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19030"
            },
            {
              "name": "RHSA-2006:0178",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2006-0178.html"
            },
            {
              "name": "19183",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19183"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2006-0082",
    "datePublished": "2006-01-04T23:00:00",
    "dateReserved": "2006-01-04T00:00:00",
    "dateUpdated": "2024-08-07T16:18:20.755Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-16412
Vulnerability from cvelistv5
Published
2018-09-03 19:00
Modified
2024-08-05 10:24
Severity ?
Summary
ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T10:24:32.160Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[debian-lts-announce] 20181003 [SECURITY] [DLA 1530-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00002.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1250"
          },
          {
            "name": "DSA-4316",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4316"
          },
          {
            "name": "105241",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105241"
          },
          {
            "name": "openSUSE-SU-2019:1141",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html"
          },
          {
            "name": "openSUSE-SU-2019:1320",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-09-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-06-25T14:06:13",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[debian-lts-announce] 20181003 [SECURITY] [DLA 1530-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00002.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1250"
        },
        {
          "name": "DSA-4316",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4316"
        },
        {
          "name": "105241",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105241"
        },
        {
          "name": "openSUSE-SU-2019:1141",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html"
        },
        {
          "name": "openSUSE-SU-2019:1320",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-16412",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[debian-lts-announce] 20181003 [SECURITY] [DLA 1530-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00002.html"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1250",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1250"
            },
            {
              "name": "DSA-4316",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4316"
            },
            {
              "name": "105241",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105241"
            },
            {
              "name": "openSUSE-SU-2019:1141",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html"
            },
            {
              "name": "openSUSE-SU-2019:1320",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-16412",
    "datePublished": "2018-09-03T19:00:00",
    "dateReserved": "2018-09-03T00:00:00",
    "dateUpdated": "2024-08-05T10:24:32.160Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-0259
Vulnerability from cvelistv5
Published
2012-06-05 22:00
Modified
2024-08-06 18:16
Severity ?
Summary
The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolution tag in a JPEG file, which triggers an out-of-bounds read.
References
http://secunia.com/advisories/55035third-party-advisory, x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.htmlvendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/49043third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2012/dsa-2462vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/49063third-party-advisory, x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/74657vdb-entry, x_refsource_XF
http://secunia.com/advisories/48679third-party-advisory, x_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0259x_refsource_MISC
http://www.securityfocus.com/bid/52898vdb-entry, x_refsource_BID
http://rhn.redhat.com/errata/RHSA-2012-0544.htmlvendor-advisory, x_refsource_REDHAT
http://ubuntu.com/usn/usn-1435-1vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/48974third-party-advisory, x_refsource_SECUNIA
http://www.osvdb.org/81021vdb-entry, x_refsource_OSVDB
http://secunia.com/advisories/49317third-party-advisory, x_refsource_SECUNIA
http://www.cert.fi/en/reports/2012/vulnerability635606.htmlx_refsource_MISC
http://www.securitytracker.com/id?1027032vdb-entry, x_refsource_SECTRACK
http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20629x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T18:16:20.146Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "55035",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/55035"
          },
          {
            "name": "openSUSE-SU-2012:0692",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html"
          },
          {
            "name": "49043",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49043"
          },
          {
            "name": "DSA-2462",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2462"
          },
          {
            "name": "49063",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49063"
          },
          {
            "name": "imagemagick-jpegexif-dos(74657)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74657"
          },
          {
            "name": "48679",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48679"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0259"
          },
          {
            "name": "52898",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/52898"
          },
          {
            "name": "RHSA-2012:0544",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0544.html"
          },
          {
            "name": "USN-1435-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-1435-1"
          },
          {
            "name": "48974",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48974"
          },
          {
            "name": "81021",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/81021"
          },
          {
            "name": "49317",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49317"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.cert.fi/en/reports/2012/vulnerability635606.html"
          },
          {
            "name": "1027032",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1027032"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=20629"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-03-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolution tag in a JPEG file, which triggers an out-of-bounds read."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "55035",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/55035"
        },
        {
          "name": "openSUSE-SU-2012:0692",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html"
        },
        {
          "name": "49043",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49043"
        },
        {
          "name": "DSA-2462",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2462"
        },
        {
          "name": "49063",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49063"
        },
        {
          "name": "imagemagick-jpegexif-dos(74657)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74657"
        },
        {
          "name": "48679",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48679"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0259"
        },
        {
          "name": "52898",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/52898"
        },
        {
          "name": "RHSA-2012:0544",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-0544.html"
        },
        {
          "name": "USN-1435-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-1435-1"
        },
        {
          "name": "48974",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48974"
        },
        {
          "name": "81021",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/81021"
        },
        {
          "name": "49317",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49317"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.cert.fi/en/reports/2012/vulnerability635606.html"
        },
        {
          "name": "1027032",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1027032"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=20629"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2012-0259",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolution tag in a JPEG file, which triggers an out-of-bounds read."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "55035",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/55035"
            },
            {
              "name": "openSUSE-SU-2012:0692",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html"
            },
            {
              "name": "49043",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/49043"
            },
            {
              "name": "DSA-2462",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2462"
            },
            {
              "name": "49063",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/49063"
            },
            {
              "name": "imagemagick-jpegexif-dos(74657)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74657"
            },
            {
              "name": "48679",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48679"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0259",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0259"
            },
            {
              "name": "52898",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/52898"
            },
            {
              "name": "RHSA-2012:0544",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0544.html"
            },
            {
              "name": "USN-1435-1",
              "refsource": "UBUNTU",
              "url": "http://ubuntu.com/usn/usn-1435-1"
            },
            {
              "name": "48974",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48974"
            },
            {
              "name": "81021",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/81021"
            },
            {
              "name": "49317",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/49317"
            },
            {
              "name": "http://www.cert.fi/en/reports/2012/vulnerability635606.html",
              "refsource": "MISC",
              "url": "http://www.cert.fi/en/reports/2012/vulnerability635606.html"
            },
            {
              "name": "1027032",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1027032"
            },
            {
              "name": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=20629",
              "refsource": "CONFIRM",
              "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=20629"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2012-0259",
    "datePublished": "2012-06-05T22:00:00",
    "dateReserved": "2011-12-21T00:00:00",
    "dateUpdated": "2024-08-06T18:16:20.146Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12435
Vulnerability from cvelistv5
Published
2017-08-04 10:00
Modified
2024-08-05 18:36
Severity ?
Summary
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:36:56.161Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/543"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "100152",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100152"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:17",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/543"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "100152",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100152"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12435",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/543",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/543"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "100152",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100152"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12435",
    "datePublished": "2017-08-04T10:00:00",
    "dateReserved": "2017-08-04T00:00:00",
    "dateUpdated": "2024-08-05T18:36:56.161Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-25663
Vulnerability from cvelistv5
Published
2020-12-08 20:57
Modified
2024-08-04 15:40
Severity ?
Summary
A call to ConformPixelInfo() in the SetImageAlphaChannel() routine of /MagickCore/channel.c caused a subsequent heap-use-after-free or heap-buffer-overflow READ when GetPixelRed() or GetPixelBlue() was called. This could occur if an attacker is able to submit a malicious image file to be processed by ImageMagick and could lead to denial of service. It likely would not lead to anything further because the memory is used as pixel data and not e.g. a function pointer. This flaw affects ImageMagick versions prior to 7.0.9-0.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:40:36.616Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1723"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891601"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1723#issuecomment-718275153"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "prior to 7.0.9-0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A call to ConformPixelInfo() in the SetImageAlphaChannel() routine of /MagickCore/channel.c caused a subsequent heap-use-after-free or heap-buffer-overflow READ when GetPixelRed() or GetPixelBlue() was called. This could occur if an attacker is able to submit a malicious image file to be processed by ImageMagick and could lead to denial of service. It likely would not lead to anything further because the memory is used as pixel data and not e.g. a function pointer. This flaw affects ImageMagick versions prior to 7.0.9-0."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-12-08T20:57:39",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1723"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891601"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1723#issuecomment-718275153"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2020-25663",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ImageMagick",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "prior to 7.0.9-0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A call to ConformPixelInfo() in the SetImageAlphaChannel() routine of /MagickCore/channel.c caused a subsequent heap-use-after-free or heap-buffer-overflow READ when GetPixelRed() or GetPixelBlue() was called. This could occur if an attacker is able to submit a malicious image file to be processed by ImageMagick and could lead to denial of service. It likely would not lead to anything further because the memory is used as pixel data and not e.g. a function pointer. This flaw affects ImageMagick versions prior to 7.0.9-0."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-416"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1723",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1723"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1891601",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891601"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1723#issuecomment-718275153",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1723#issuecomment-718275153"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-25663",
    "datePublished": "2020-12-08T20:57:39",
    "dateReserved": "2020-09-16T00:00:00",
    "dateUpdated": "2024-08-04T15:40:36.616Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11532
Vulnerability from cvelistv5
Published
2017-07-23 03:00
Modified
2024-08-05 18:12
Severity ?
Summary
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteMPCImage() function in coders/mpc.c.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:40.196Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/563"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteMPCImage() function in coders/mpc.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-23T02:57:06",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/563"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11532",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteMPCImage() function in coders/mpc.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/563",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/563"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11532",
    "datePublished": "2017-07-23T03:00:00",
    "dateReserved": "2017-07-22T00:00:00",
    "dateUpdated": "2024-08-05T18:12:40.196Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12676
Vulnerability from cvelistv5
Published
2017-08-07 21:00
Modified
2024-08-05 18:43
Severity ?
Summary
In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attackers to cause a denial of service.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:56.442Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/618"
          },
          {
            "name": "100225",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100225"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attackers to cause a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-10T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/618"
        },
        {
          "name": "100225",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100225"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12676",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attackers to cause a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/618",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/618"
            },
            {
              "name": "100225",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100225"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12676",
    "datePublished": "2017-08-07T21:00:00",
    "dateReserved": "2017-08-07T00:00:00",
    "dateUpdated": "2024-08-05T18:43:56.442Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-16750
Vulnerability from cvelistv5
Published
2018-09-09 15:00
Modified
2024-08-05 10:32
Severity ?
Summary
In ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfromBuffer function in coders/meta.c was found.
References
https://github.com/ImageMagick/ImageMagick/issues/1118x_refsource_MISC
https://usn.ubuntu.com/3785-1/vendor-advisory, x_refsource_UBUNTU
http://www.securityfocus.com/bid/108492vdb-entry, x_refsource_BID
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T10:32:53.995Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1118"
          },
          {
            "name": "USN-3785-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3785-1/"
          },
          {
            "name": "108492",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108492"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-09-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfromBuffer function in coders/meta.c was found."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-29T09:06:08",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1118"
        },
        {
          "name": "USN-3785-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3785-1/"
        },
        {
          "name": "108492",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108492"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-16750",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfromBuffer function in coders/meta.c was found."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1118",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1118"
            },
            {
              "name": "USN-3785-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3785-1/"
            },
            {
              "name": "108492",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108492"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-16750",
    "datePublished": "2018-09-09T15:00:00",
    "dateReserved": "2018-09-09T00:00:00",
    "dateUpdated": "2024-08-05T10:32:53.995Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-15281
Vulnerability from cvelistv5
Published
2017-10-12 08:00
Modified
2024-08-05 19:50
Severity ?
Summary
ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to "Conditional jump or move depends on uninitialised value(s)."
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:50:16.425Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/832"
          },
          {
            "name": "101276",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101276"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-10-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to \"Conditional jump or move depends on uninitialised value(s).\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:26",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/832"
        },
        {
          "name": "101276",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101276"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-15281",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to \"Conditional jump or move depends on uninitialised value(s).\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/832",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/832"
            },
            {
              "name": "101276",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101276"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-15281",
    "datePublished": "2017-10-12T08:00:00",
    "dateReserved": "2017-10-12T00:00:00",
    "dateUpdated": "2024-08-05T19:50:16.425Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-9439
Vulnerability from cvelistv5
Published
2017-06-05 18:00
Modified
2024-08-05 17:11
Severity ?
Summary
In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service via a crafted file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:11:01.105Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "98907",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98907"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/460"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-06-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-06-08T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "98907",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98907"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/460"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-9439",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "98907",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98907"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/460",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/460"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-9439",
    "datePublished": "2017-06-05T18:00:00",
    "dateReserved": "2017-06-05T00:00:00",
    "dateUpdated": "2024-08-05T17:11:01.105Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10058
Vulnerability from cvelistv5
Published
2017-03-23 17:00
Modified
2024-08-06 03:07
Severity ?
Summary
Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick before 6.9.6-3 allows remote attackers to cause a denial of service (memory consumption) via a crafted image file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:07:32.023Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/4ec444f4eab88cf4bec664fafcf9cab50bc5ff6a"
          },
          {
            "name": "95212",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95212"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410467"
          },
          {
            "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/47e8e6ceef979327614d0b8f0c76c6ecb18e09cf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick before 6.9.6-3 allows remote attackers to cause a denial of service (memory consumption) via a crafted image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-14T20:56:41",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/4ec444f4eab88cf4bec664fafcf9cab50bc5ff6a"
        },
        {
          "name": "95212",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95212"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410467"
        },
        {
          "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/47e8e6ceef979327614d0b8f0c76c6ecb18e09cf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10058",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick before 6.9.6-3 allows remote attackers to cause a denial of service (memory consumption) via a crafted image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/4ec444f4eab88cf4bec664fafcf9cab50bc5ff6a",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/4ec444f4eab88cf4bec664fafcf9cab50bc5ff6a"
            },
            {
              "name": "95212",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95212"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410467",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410467"
            },
            {
              "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/47e8e6ceef979327614d0b8f0c76c6ecb18e09cf",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/47e8e6ceef979327614d0b8f0c76c6ecb18e09cf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10058",
    "datePublished": "2017-03-23T17:00:00",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-08-06T03:07:32.023Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-15139
Vulnerability from cvelistv5
Published
2019-08-18 18:31
Modified
2024-08-05 00:34
Severity ?
Summary
The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:34:53.341Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1553"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/c78993d138bf480ab4652b5a48379d4ff75ba5f7"
          },
          {
            "name": "[debian-lts-announce] 20191021 [SECURITY] [DLA 1968-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "openSUSE-SU-2019:2515",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
          },
          {
            "name": "openSUSE-SU-2019:2519",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
          },
          {
            "name": "FEDORA-2019-f12cb1ddab",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3IYH7QSNXXOIDFTYLY455ANZ3JWQ7FCS/"
          },
          {
            "name": "FEDORA-2019-210b0a6e4f",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FS76VNCFL3FVRMGXQEMHBOKA7EE46BTS/"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:35",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1553"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/c78993d138bf480ab4652b5a48379d4ff75ba5f7"
        },
        {
          "name": "[debian-lts-announce] 20191021 [SECURITY] [DLA 1968-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "openSUSE-SU-2019:2515",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
        },
        {
          "name": "openSUSE-SU-2019:2519",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
        },
        {
          "name": "FEDORA-2019-f12cb1ddab",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3IYH7QSNXXOIDFTYLY455ANZ3JWQ7FCS/"
        },
        {
          "name": "FEDORA-2019-210b0a6e4f",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FS76VNCFL3FVRMGXQEMHBOKA7EE46BTS/"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-15139",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1553",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1553"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/c78993d138bf480ab4652b5a48379d4ff75ba5f7",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/c78993d138bf480ab4652b5a48379d4ff75ba5f7"
            },
            {
              "name": "[debian-lts-announce] 20191021 [SECURITY] [DLA 1968-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "openSUSE-SU-2019:2515",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
            },
            {
              "name": "openSUSE-SU-2019:2519",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
            },
            {
              "name": "FEDORA-2019-f12cb1ddab",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3IYH7QSNXXOIDFTYLY455ANZ3JWQ7FCS/"
            },
            {
              "name": "FEDORA-2019-210b0a6e4f",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FS76VNCFL3FVRMGXQEMHBOKA7EE46BTS/"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-15139",
    "datePublished": "2019-08-18T18:31:18",
    "dateReserved": "2019-08-18T00:00:00",
    "dateUpdated": "2024-08-05T00:34:53.341Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-10131
Vulnerability from cvelistv5
Published
2019-04-30 18:01
Modified
2024-08-04 22:10
Summary
An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program.
Impacted products
ImageMagickImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:10:10.025Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10131"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/cb1214c124e1bd61f7dd551b94a794864861592e"
          },
          {
            "name": "108117",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108117"
          },
          {
            "name": "openSUSE-SU-2019:1427",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00051.html"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          },
          {
            "name": "openSUSE-SU-2019:1683",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html"
          },
          {
            "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "ImageMagick",
          "versions": [
            {
              "status": "affected",
              "version": "fixed in 7.0.7-28"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-193",
              "description": "CWE-193",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-19T01:06:19",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10131"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/cb1214c124e1bd61f7dd551b94a794864861592e"
        },
        {
          "name": "108117",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108117"
        },
        {
          "name": "openSUSE-SU-2019:1427",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00051.html"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        },
        {
          "name": "openSUSE-SU-2019:1683",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html"
        },
        {
          "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2019-10131",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ImageMagick",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "fixed in 7.0.7-28"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "ImageMagick"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program."
            }
          ]
        },
        "impact": {
          "cvss": [
            [
              {
                "vectorString": "6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
                "version": "3.0"
              }
            ]
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-193"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10131",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10131"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/cb1214c124e1bd61f7dd551b94a794864861592e",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/cb1214c124e1bd61f7dd551b94a794864861592e"
            },
            {
              "name": "108117",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108117"
            },
            {
              "name": "openSUSE-SU-2019:1427",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00051.html"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            },
            {
              "name": "openSUSE-SU-2019:1683",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html"
            },
            {
              "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2019-10131",
    "datePublished": "2019-04-30T18:01:57",
    "dateReserved": "2019-03-27T00:00:00",
    "dateUpdated": "2024-08-04T22:10:10.025Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-34153
Vulnerability from cvelistv5
Published
2023-05-30 00:00
Modified
2024-08-02 16:01
Severity ?
Summary
A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T16:01:54.221Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/6338"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2210660"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-34153"
          },
          {
            "name": "FEDORA-2023-d53831b69d",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V/"
          },
          {
            "name": "FEDORA-2023-edbdccae2a",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick-6.7"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-77",
              "description": "CWE-77",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-31T02:07:17.015329",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://github.com/ImageMagick/ImageMagick/issues/6338"
        },
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2210660"
        },
        {
          "url": "https://access.redhat.com/security/cve/CVE-2023-34153"
        },
        {
          "name": "FEDORA-2023-d53831b69d",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V/"
        },
        {
          "name": "FEDORA-2023-edbdccae2a",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-34153",
    "datePublished": "2023-05-30T00:00:00",
    "dateReserved": "2023-05-29T00:00:00",
    "dateUpdated": "2024-08-02T16:01:54.221Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-14980
Vulnerability from cvelistv5
Published
2019-08-12 22:06
Modified
2024-08-05 00:34
Severity ?
Summary
In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:34:52.841Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/issues/43"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/614a257295bdcdeda347086761062ac7658b6830"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/c5d012a46ae22be9444326aa37969a3f75daa3ba"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-41...7.0.8-42"
          },
          {
            "name": "openSUSE-SU-2019:2515",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
          },
          {
            "name": "openSUSE-SU-2019:2519",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-11-17T18:07:09",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick6/issues/43"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/614a257295bdcdeda347086761062ac7658b6830"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/c5d012a46ae22be9444326aa37969a3f75daa3ba"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-41...7.0.8-42"
        },
        {
          "name": "openSUSE-SU-2019:2515",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
        },
        {
          "name": "openSUSE-SU-2019:2519",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-14980",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick6/issues/43",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick6/issues/43"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick6/commit/614a257295bdcdeda347086761062ac7658b6830",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick6/commit/614a257295bdcdeda347086761062ac7658b6830"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/c5d012a46ae22be9444326aa37969a3f75daa3ba",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/c5d012a46ae22be9444326aa37969a3f75daa3ba"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-41...7.0.8-42",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-41...7.0.8-42"
            },
            {
              "name": "openSUSE-SU-2019:2515",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
            },
            {
              "name": "openSUSE-SU-2019:2519",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-14980",
    "datePublished": "2019-08-12T22:06:35",
    "dateReserved": "2019-08-12T00:00:00",
    "dateUpdated": "2024-08-05T00:34:52.841Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-8902
Vulnerability from cvelistv5
Published
2017-02-27 22:00
Modified
2024-08-06 08:29
Severity ?
Summary
The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:29:22.165Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20150226 Requesting CVE for ImageMagick DoS",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/02/26/13"
          },
          {
            "name": "[oss-security] 20160606 Re: Requesting CVE for ImageMagick DoS",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/06/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://trac.imagemagick.org/changeset/17855"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1195269"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26932"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-02-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-02-27T21:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20150226 Requesting CVE for ImageMagick DoS",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/02/26/13"
        },
        {
          "name": "[oss-security] 20160606 Re: Requesting CVE for ImageMagick DoS",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/06/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://trac.imagemagick.org/changeset/17855"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1195269"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26932"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8902",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20150226 Requesting CVE for ImageMagick DoS",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/02/26/13"
            },
            {
              "name": "[oss-security] 20160606 Re: Requesting CVE for ImageMagick DoS",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/06/2"
            },
            {
              "name": "http://trac.imagemagick.org/changeset/17855",
              "refsource": "CONFIRM",
              "url": "http://trac.imagemagick.org/changeset/17855"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1195269",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1195269"
            },
            {
              "name": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26932",
              "refsource": "CONFIRM",
              "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26932"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8902",
    "datePublished": "2017-02-27T22:00:00",
    "dateReserved": "2016-06-05T00:00:00",
    "dateUpdated": "2024-08-06T08:29:22.165Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27759
Vulnerability from cvelistv5
Published
2020-12-03 00:00
Modified
2024-08-04 16:18
Severity ?
Summary
In IntensityCompare() of /MagickCore/quantize.c, a double value was being casted to int and returned, which in some cases caused a value outside the range of type `int` to be returned. The flaw could be triggered by a crafted input file under certain conditions when processed by ImageMagick. Red Hat Product Security marked this as Low severity because although it could potentially lead to an impact to application availability, no specific impact was shown in this case. This flaw affects ImageMagick versions prior to 7.0.8-68.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.671Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894238"
          },
          {
            "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 7.0.8-68"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In IntensityCompare() of /MagickCore/quantize.c, a double value was being casted to int and returned, which in some cases caused a value outside the range of type `int` to be returned. The flaw could be triggered by a crafted input file under certain conditions when processed by ImageMagick. Red Hat Product Security marked this as Low severity because although it could potentially lead to an impact to application availability, no specific impact was shown in this case. This flaw affects ImageMagick versions prior to 7.0.8-68."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894238"
        },
        {
          "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27759",
    "datePublished": "2020-12-03T00:00:00",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.671Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-13139
Vulnerability from cvelistv5
Published
2017-08-23 06:00
Modified
2024-08-05 18:58
Severity ?
Summary
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:12.529Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-4040",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4040"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "name": "100494",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100494"
          },
          {
            "name": "DSA-4019",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4019"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870109"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/d072ed6aff835c174e856ce3a428163c0da9e8f4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-07T20:59:31",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-4040",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4040"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "name": "100494",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100494"
        },
        {
          "name": "DSA-4019",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4019"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870109"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/d072ed6aff835c174e856ce3a428163c0da9e8f4"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-13139",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-4040",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4040"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "100494",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100494"
            },
            {
              "name": "DSA-4019",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4019"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870109",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870109"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/d072ed6aff835c174e856ce3a428163c0da9e8f4",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/d072ed6aff835c174e856ce3a428163c0da9e8f4"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-13139",
    "datePublished": "2017-08-23T06:00:00",
    "dateReserved": "2017-08-23T00:00:00",
    "dateUpdated": "2024-08-05T18:58:12.529Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12671
Vulnerability from cvelistv5
Published
2017-08-07 21:00
Modified
2024-08-05 18:43
Severity ?
Summary
In ImageMagick 7.0.6-3, a missing NULL assignment was found in coders/png.c, leading to an invalid free in the function RelinquishMagickMemory in MagickCore/memory.c, which allows attackers to cause a denial of service.
References
https://github.com/ImageMagick/ImageMagick/issues/621x_refsource_CONFIRM
https://www.debian.org/security/2017/dsa-4019vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:56.627Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/621"
          },
          {
            "name": "DSA-4019",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4019"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-3, a missing NULL assignment was found in coders/png.c, leading to an invalid free in the function RelinquishMagickMemory in MagickCore/memory.c, which allows attackers to cause a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-06T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/621"
        },
        {
          "name": "DSA-4019",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4019"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12671",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-3, a missing NULL assignment was found in coders/png.c, leading to an invalid free in the function RelinquishMagickMemory in MagickCore/memory.c, which allows attackers to cause a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/621",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/621"
            },
            {
              "name": "DSA-4019",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4019"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12671",
    "datePublished": "2017-08-07T21:00:00",
    "dateReserved": "2017-08-07T00:00:00",
    "dateUpdated": "2024-08-05T18:43:56.627Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-13301
Vulnerability from cvelistv5
Published
2019-07-05 00:52
Modified
2024-08-04 23:49
Severity ?
Summary
ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:49:24.866Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1585"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1589"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/f595a1985233c399a05c0c37cc41de16a90dd025"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-01T11:06:15",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1585"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1589"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/f595a1985233c399a05c0c37cc41de16a90dd025"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13301",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1585",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1585"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1589",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1589"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/f595a1985233c399a05c0c37cc41de16a90dd025",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/f595a1985233c399a05c0c37cc41de16a90dd025"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13301",
    "datePublished": "2019-07-05T00:52:28",
    "dateReserved": "2019-07-04T00:00:00",
    "dateUpdated": "2024-08-04T23:49:24.866Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-8353
Vulnerability from cvelistv5
Published
2017-04-30 17:00
Modified
2024-08-05 16:34
Severity ?
Summary
In ImageMagick 7.0.5-5, the ReadPICTImage function in pict.c allows attackers to cause a denial of service (memory leak) via a crafted file.
References
http://www.securityfocus.com/bid/98377vdb-entry, x_refsource_BID
https://github.com/ImageMagick/ImageMagick/issues/454x_refsource_CONFIRM
http://www.debian.org/security/2017/dsa-3863vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:34:22.458Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "98377",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98377"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/454"
          },
          {
            "name": "DSA-3863",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3863"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-04-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-5, the ReadPICTImage function in pict.c allows attackers to cause a denial of service (memory leak) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "98377",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98377"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/454"
        },
        {
          "name": "DSA-3863",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3863"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-8353",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-5, the ReadPICTImage function in pict.c allows attackers to cause a denial of service (memory leak) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "98377",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98377"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/454",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/454"
            },
            {
              "name": "DSA-3863",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3863"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-8353",
    "datePublished": "2017-04-30T17:00:00",
    "dateReserved": "2017-04-30T00:00:00",
    "dateUpdated": "2024-08-05T16:34:22.458Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12664
Vulnerability from cvelistv5
Published
2017-08-07 21:00
Modified
2024-08-05 18:43
Severity ?
Summary
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePALMImage in coders/palm.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:56.592Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/574"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/0417cea1b6d72f90bd4f1f573f91e42a8ba66a89"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePALMImage in coders/palm.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-08T16:57:14",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/574"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/0417cea1b6d72f90bd4f1f573f91e42a8ba66a89"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12664",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePALMImage in coders/palm.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/574",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/574"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/0417cea1b6d72f90bd4f1f573f91e42a8ba66a89",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/0417cea1b6d72f90bd4f1f573f91e42a8ba66a89"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12664",
    "datePublished": "2017-08-07T21:00:00",
    "dateReserved": "2017-08-07T00:00:00",
    "dateUpdated": "2024-08-05T18:43:56.592Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11534
Vulnerability from cvelistv5
Published
2017-07-23 03:00
Modified
2024-08-05 18:12
Severity ?
Summary
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the lite_font_map() function in coders/wmf.c.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:40.126Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/564"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the lite_font_map() function in coders/wmf.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-23T02:57:06",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/564"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11534",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the lite_font_map() function in coders/wmf.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/564",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/564"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11534",
    "datePublished": "2017-07-23T03:00:00",
    "dateReserved": "2017-07-22T00:00:00",
    "dateUpdated": "2024-08-05T18:12:40.126Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11531
Vulnerability from cvelistv5
Published
2017-07-23 03:00
Modified
2024-08-05 18:12
Severity ?
Summary
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteHISTOGRAMImage() function in coders/histogram.c.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:40.245Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/566"
          },
          {
            "name": "99998",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99998"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteHISTOGRAMImage() function in coders/histogram.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-29T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/566"
        },
        {
          "name": "99998",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99998"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11531",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteHISTOGRAMImage() function in coders/histogram.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/566",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/566"
            },
            {
              "name": "99998",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99998"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11531",
    "datePublished": "2017-07-23T03:00:00",
    "dateReserved": "2017-07-22T00:00:00",
    "dateUpdated": "2024-08-05T18:12:40.245Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-0397
Vulnerability from cvelistv5
Published
2005-03-07 05:00
Modified
2024-08-07 21:13
Severity ?
Summary
Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a filename argument to convert, which may be called by other web applications.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:13:54.227Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20050303 [USN-90-1] Imagemagick vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=110987256010857\u0026w=2"
          },
          {
            "name": "imagemagick-filename-format-string(19586)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19586"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=83542"
          },
          {
            "name": "SUSE-SA:2005:017",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html"
          },
          {
            "name": "RHSA-2005:320",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-320.html"
          },
          {
            "name": "GLSA-200503-11",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-11.xml"
          },
          {
            "name": "DSA-702",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-702"
          },
          {
            "name": "oval:org.mitre.oval:def:10302",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10302"
          },
          {
            "name": "RHSA-2005:070",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-070.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-03-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a filename argument to convert, which may be called by other web applications."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "20050303 [USN-90-1] Imagemagick vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=110987256010857\u0026w=2"
        },
        {
          "name": "imagemagick-filename-format-string(19586)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19586"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=83542"
        },
        {
          "name": "SUSE-SA:2005:017",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html"
        },
        {
          "name": "RHSA-2005:320",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-320.html"
        },
        {
          "name": "GLSA-200503-11",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-11.xml"
        },
        {
          "name": "DSA-702",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-702"
        },
        {
          "name": "oval:org.mitre.oval:def:10302",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10302"
        },
        {
          "name": "RHSA-2005:070",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-070.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-0397",
    "datePublished": "2005-03-07T05:00:00",
    "dateReserved": "2005-02-14T00:00:00",
    "dateUpdated": "2024-08-07T21:13:54.227Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-13145
Vulnerability from cvelistv5
Published
2017-08-23 06:00
Modified
2024-08-05 18:58
Severity ?
Summary
In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:12.490Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/acee073df34aa4d491bf5cb74d3a15fc80f0a3aa"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869830"
          },
          {
            "name": "DSA-4019",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4019"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/501"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/f13c6b54a879aaa771ec64b5a066b939e8f8e7f0"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-07T21:04:15",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/acee073df34aa4d491bf5cb74d3a15fc80f0a3aa"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869830"
        },
        {
          "name": "DSA-4019",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4019"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/501"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/f13c6b54a879aaa771ec64b5a066b939e8f8e7f0"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-13145",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/acee073df34aa4d491bf5cb74d3a15fc80f0a3aa",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/acee073df34aa4d491bf5cb74d3a15fc80f0a3aa"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869830",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869830"
            },
            {
              "name": "DSA-4019",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4019"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/501",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/501"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/f13c6b54a879aaa771ec64b5a066b939e8f8e7f0",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/f13c6b54a879aaa771ec64b5a066b939e8f8e7f0"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-13145",
    "datePublished": "2017-08-23T06:00:00",
    "dateReserved": "2017-08-23T00:00:00",
    "dateUpdated": "2024-08-05T18:58:12.490Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9850
Vulnerability from cvelistv5
Published
2017-03-20 16:00
Modified
2024-08-06 13:55
Severity ?
Summary
Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption).
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.590Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343510"
          },
          {
            "name": "openSUSE-SU-2016:1833",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "openSUSE-SU-2016:1748",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
          },
          {
            "name": "SUSE-SU-2016:1784",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=2257d1eadd02d89d225fce21013a1219d221dc7d"
          },
          {
            "name": "USN-3131-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3131-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-20T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343510"
        },
        {
          "name": "openSUSE-SU-2016:1833",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "openSUSE-SU-2016:1748",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
        },
        {
          "name": "SUSE-SU-2016:1784",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=2257d1eadd02d89d225fce21013a1219d221dc7d"
        },
        {
          "name": "USN-3131-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3131-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9850",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343510",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343510"
            },
            {
              "name": "openSUSE-SU-2016:1833",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "openSUSE-SU-2016:1748",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
            },
            {
              "name": "SUSE-SU-2016:1784",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=2257d1eadd02d89d225fce21013a1219d221dc7d",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=2257d1eadd02d89d225fce21013a1219d221dc7d"
            },
            {
              "name": "USN-3131-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3131-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9850",
    "datePublished": "2017-03-20T16:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.590Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12641
Vulnerability from cvelistv5
Published
2017-08-07 15:00
Modified
2024-08-05 18:43
Severity ?
Summary
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadOneJNGImage in coders\png.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:56.534Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/550"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/c9aa9f80828594eacbe3affe16c43d623562e5d8"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadOneJNGImage in coders\\png.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-08T17:20:30",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/550"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/c9aa9f80828594eacbe3affe16c43d623562e5d8"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12641",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadOneJNGImage in coders\\png.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/550",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/550"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/c9aa9f80828594eacbe3affe16c43d623562e5d8",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/c9aa9f80828594eacbe3affe16c43d623562e5d8"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12641",
    "datePublished": "2017-08-07T15:00:00",
    "dateReserved": "2017-08-07T00:00:00",
    "dateUpdated": "2024-08-05T18:43:56.534Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-13142
Vulnerability from cvelistv5
Published
2017-08-23 06:00
Modified
2024-08-05 18:58
Severity ?
Summary
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short files.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:12.432Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/46e3aabbf8d59a1bdebdbb65acb9b9e0484577d3"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/aa84944b405acebbeefe871d0f64969b9e9f31ac"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870105"
          },
          {
            "name": "DSA-4019",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4019"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short files."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-14T12:06:07",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/46e3aabbf8d59a1bdebdbb65acb9b9e0484577d3"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/aa84944b405acebbeefe871d0f64969b9e9f31ac"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870105"
        },
        {
          "name": "DSA-4019",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4019"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-13142",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short files."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/46e3aabbf8d59a1bdebdbb65acb9b9e0484577d3",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/46e3aabbf8d59a1bdebdbb65acb9b9e0484577d3"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/aa84944b405acebbeefe871d0f64969b9e9f31ac",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/aa84944b405acebbeefe871d0f64969b9e9f31ac"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870105",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870105"
            },
            {
              "name": "DSA-4019",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4019"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-13142",
    "datePublished": "2017-08-23T06:00:00",
    "dateReserved": "2017-08-23T00:00:00",
    "dateUpdated": "2024-08-05T18:58:12.432Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-9440
Vulnerability from cvelistv5
Published
2017-06-05 18:00
Modified
2024-08-05 17:11
Severity ?
Summary
In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPSDChannel in coders/psd.c, which allows attackers to cause a denial of service via a crafted file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:11:00.381Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "98908",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98908"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/462"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-06-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPSDChannel in coders/psd.c, which allows attackers to cause a denial of service via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-06-08T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "98908",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98908"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/462"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-9440",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPSDChannel in coders/psd.c, which allows attackers to cause a denial of service via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "98908",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98908"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/462",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/462"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-9440",
    "datePublished": "2017-06-05T18:00:00",
    "dateReserved": "2017-06-05T00:00:00",
    "dateUpdated": "2024-08-05T17:11:00.381Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-13140
Vulnerability from cvelistv5
Published
2017-08-23 06:00
Modified
2024-08-05 18:58
Severity ?
Summary
In ImageMagick before 6.9.9-1 and 7.x before 7.0.6-2, the ReadOnePNGImage function in coders/png.c allows remote attackers to cause a denial of service (application hang in LockSemaphoreInfo) via a PNG file with a width equal to MAGICK_WIDTH_LIMIT.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:12.286Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/596"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "name": "DSA-4019",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4019"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870111"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick before 6.9.9-1 and 7.x before 7.0.6-2, the ReadOnePNGImage function in coders/png.c allows remote attackers to cause a denial of service (application hang in LockSemaphoreInfo) via a PNG file with a width equal to MAGICK_WIDTH_LIMIT."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-12T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/596"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "name": "DSA-4019",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4019"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870111"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-13140",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick before 6.9.9-1 and 7.x before 7.0.6-2, the ReadOnePNGImage function in coders/png.c allows remote attackers to cause a denial of service (application hang in LockSemaphoreInfo) via a PNG file with a width equal to MAGICK_WIDTH_LIMIT."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/596",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/596"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "DSA-4019",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4019"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870111",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870111"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-13140",
    "datePublished": "2017-08-23T06:00:00",
    "dateReserved": "2017-08-23T00:00:00",
    "dateUpdated": "2024-08-05T18:58:12.286Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-13454
Vulnerability from cvelistv5
Published
2019-07-09 16:07
Modified
2024-08-04 23:49
Severity ?
Summary
ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:49:25.072Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1629"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/1ddcf2e4f28029a888cadef2e757509ef5047ad8"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/4f31d78716ac94c85c244efcea368fea202e2ed4"
          },
          {
            "name": "109099",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/109099"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          },
          {
            "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-19T01:06:24",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1629"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/1ddcf2e4f28029a888cadef2e757509ef5047ad8"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/4f31d78716ac94c85c244efcea368fea202e2ed4"
        },
        {
          "name": "109099",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/109099"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        },
        {
          "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13454",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1629",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1629"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/1ddcf2e4f28029a888cadef2e757509ef5047ad8",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/1ddcf2e4f28029a888cadef2e757509ef5047ad8"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick6/commit/4f31d78716ac94c85c244efcea368fea202e2ed4",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick6/commit/4f31d78716ac94c85c244efcea368fea202e2ed4"
            },
            {
              "name": "109099",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/109099"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            },
            {
              "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13454",
    "datePublished": "2019-07-09T16:07:30",
    "dateReserved": "2019-07-09T00:00:00",
    "dateUpdated": "2024-08-04T23:49:25.072Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10063
Vulnerability from cvelistv5
Published
2017-03-02 21:00
Modified
2024-08-06 03:07
Severity ?
Summary
Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file, related to extend validity.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:07:32.099Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410476"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/2bb6941a2d557f26a2f2049ade466e118eeaab91"
          },
          {
            "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
          },
          {
            "name": "95210",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95210"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/94936efda8aa63563211eda07a5ade92abb32f7a"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file, related to extend validity."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-13T12:27:31",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410476"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/2bb6941a2d557f26a2f2049ade466e118eeaab91"
        },
        {
          "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
        },
        {
          "name": "95210",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95210"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/94936efda8aa63563211eda07a5ade92abb32f7a"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10063",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file, related to extend validity."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410476",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410476"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/2bb6941a2d557f26a2f2049ade466e118eeaab91",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/2bb6941a2d557f26a2f2049ade466e118eeaab91"
            },
            {
              "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
            },
            {
              "name": "95210",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95210"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/94936efda8aa63563211eda07a5ade92abb32f7a",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/94936efda8aa63563211eda07a5ade92abb32f7a"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10063",
    "datePublished": "2017-03-02T21:00:00",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-08-06T03:07:32.099Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12666
Vulnerability from cvelistv5
Published
2017-08-07 21:00
Modified
2024-08-05 18:43
Severity ?
Summary
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteINLINEImage in coders/inline.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:56.622Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/572"
          },
          {
            "name": "100226",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100226"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/d5559407ce29f4371e5df9c1cbde65455fe5854c"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteINLINEImage in coders/inline.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-08T16:32:49",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/572"
        },
        {
          "name": "100226",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100226"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/d5559407ce29f4371e5df9c1cbde65455fe5854c"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12666",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteINLINEImage in coders/inline.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/572",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/572"
            },
            {
              "name": "100226",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100226"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/d5559407ce29f4371e5df9c1cbde65455fe5854c",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/d5559407ce29f4371e5df9c1cbde65455fe5854c"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12666",
    "datePublished": "2017-08-07T21:00:00",
    "dateReserved": "2017-08-07T00:00:00",
    "dateUpdated": "2024-08-05T18:43:56.622Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-16713
Vulnerability from cvelistv5
Published
2019-09-23 11:45
Modified
2024-08-05 01:17
Severity ?
Summary
ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:17:41.161Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1558"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "openSUSE-SU-2019:2515",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
          },
          {
            "name": "openSUSE-SU-2019:2519",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-01T11:06:21",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1558"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "openSUSE-SU-2019:2515",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
        },
        {
          "name": "openSUSE-SU-2019:2519",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-16713",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1558",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1558"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "openSUSE-SU-2019:2515",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
            },
            {
              "name": "openSUSE-SU-2019:2519",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-16713",
    "datePublished": "2019-09-23T11:45:30",
    "dateReserved": "2019-09-23T00:00:00",
    "dateUpdated": "2024-08-05T01:17:41.161Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11540
Vulnerability from cvelistv5
Published
2017-07-23 03:00
Modified
2024-08-05 18:12
Severity ?
Summary
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the GetPixelIndex() function, called from the WritePICONImage function in coders/xpm.c.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:40.181Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/581"
          },
          {
            "name": "99929",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99929"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the GetPixelIndex() function, called from the WritePICONImage function in coders/xpm.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-25T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/581"
        },
        {
          "name": "99929",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99929"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11540",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the GetPixelIndex() function, called from the WritePICONImage function in coders/xpm.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/581",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/581"
            },
            {
              "name": "99929",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99929"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11540",
    "datePublished": "2017-07-23T03:00:00",
    "dateReserved": "2017-07-22T00:00:00",
    "dateUpdated": "2024-08-05T18:12:40.181Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10252
Vulnerability from cvelistv5
Published
2017-03-14 22:00
Modified
2024-08-06 03:14
Severity ?
Summary
Memory leak in the IsOptionMember function in MagickCore/option.c in ImageMagick before 6.9.2-2, as used in ODR-PadEnc and other products, allows attackers to trigger memory consumption.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:14:42.827Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857426"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/Opendigitalradio/ODR-PadEnc/issues/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.imagemagick.org/repos/ImageMagick/commit/6790815c75bdea0357df5564345847856e995d6b"
          },
          {
            "name": "DSA-3808",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3808"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-03-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory leak in the IsOptionMember function in MagickCore/option.c in ImageMagick before 6.9.2-2, as used in ODR-PadEnc and other products, allows attackers to trigger memory consumption."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857426"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/Opendigitalradio/ODR-PadEnc/issues/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.imagemagick.org/repos/ImageMagick/commit/6790815c75bdea0357df5564345847856e995d6b"
        },
        {
          "name": "DSA-3808",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3808"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10252",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Memory leak in the IsOptionMember function in MagickCore/option.c in ImageMagick before 6.9.2-2, as used in ODR-PadEnc and other products, allows attackers to trigger memory consumption."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857426",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857426"
            },
            {
              "name": "https://github.com/Opendigitalradio/ODR-PadEnc/issues/2",
              "refsource": "CONFIRM",
              "url": "https://github.com/Opendigitalradio/ODR-PadEnc/issues/2"
            },
            {
              "name": "http://git.imagemagick.org/repos/ImageMagick/commit/6790815c75bdea0357df5564345847856e995d6b",
              "refsource": "CONFIRM",
              "url": "http://git.imagemagick.org/repos/ImageMagick/commit/6790815c75bdea0357df5564345847856e995d6b"
            },
            {
              "name": "DSA-3808",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3808"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10252",
    "datePublished": "2017-03-14T22:00:00",
    "dateReserved": "2017-03-14T00:00:00",
    "dateUpdated": "2024-08-06T03:14:42.827Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-8895
Vulnerability from cvelistv5
Published
2017-03-15 19:00
Modified
2024-08-06 08:29
Severity ?
Summary
Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause a denial of service (application crash) via a crafted length value, which triggers a buffer overflow.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:29:22.110Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2016:1237",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2016:1237"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1459747"
          },
          {
            "name": "91025",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91025"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause a denial of service (application crash) via a crafted length value, which triggers a buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-05-17T16:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2016:1237",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2016:1237"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1459747"
        },
        {
          "name": "91025",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/91025"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8895",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause a denial of service (application crash) via a crafted length value, which triggers a buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2016:1237",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2016:1237"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1459747",
              "refsource": "MISC",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1459747"
            },
            {
              "name": "91025",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/91025"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8895",
    "datePublished": "2017-03-15T19:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T08:29:22.110Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-16643
Vulnerability from cvelistv5
Published
2018-09-06 22:00
Modified
2024-08-05 10:32
Severity ?
Summary
The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders/cals.c, and ReadPICTImage in coders/pict.c in ImageMagick 7.0.8-4 do not check the return value of the fputc function, which allows remote attackers to cause a denial of service via a crafted image file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T10:32:53.544Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1199"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/6b6bff054d569a77973f2140c0e86366e6168a6c"
          },
          {
            "name": "[debian-lts-announce] 20181003 [SECURITY] [DLA 1530-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00002.html"
          },
          {
            "name": "USN-3785-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3785-1/"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-09-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders/cals.c, and ReadPICTImage in coders/pict.c in ImageMagick 7.0.8-4 do not check the return value of the fputc function, which allows remote attackers to cause a denial of service via a crafted image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:41",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1199"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/6b6bff054d569a77973f2140c0e86366e6168a6c"
        },
        {
          "name": "[debian-lts-announce] 20181003 [SECURITY] [DLA 1530-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00002.html"
        },
        {
          "name": "USN-3785-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3785-1/"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-16643",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders/cals.c, and ReadPICTImage in coders/pict.c in ImageMagick 7.0.8-4 do not check the return value of the fputc function, which allows remote attackers to cause a denial of service via a crafted image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1199",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1199"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/6b6bff054d569a77973f2140c0e86366e6168a6c",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/6b6bff054d569a77973f2140c0e86366e6168a6c"
            },
            {
              "name": "[debian-lts-announce] 20181003 [SECURITY] [DLA 1530-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00002.html"
            },
            {
              "name": "USN-3785-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3785-1/"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-16643",
    "datePublished": "2018-09-06T22:00:00",
    "dateReserved": "2018-09-06T00:00:00",
    "dateUpdated": "2024-08-05T10:32:53.544Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-13143
Vulnerability from cvelistv5
Published
2017-08-23 06:00
Modified
2024-08-05 18:58
Severity ?
Summary
In ImageMagick before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage function in coders/mat.c uses uninitialized data, which might allow remote attackers to obtain sensitive information from process memory.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:12.360Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/51b0ae01709adc1e4a9245e158ef17b85a110960"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "name": "DSA-4019",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4019"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870012"
          },
          {
            "name": "DSA-4204",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4204"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/362"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage function in coders/mat.c uses uninitialized data, which might allow remote attackers to obtain sensitive information from process memory."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/51b0ae01709adc1e4a9245e158ef17b85a110960"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "name": "DSA-4019",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4019"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870012"
        },
        {
          "name": "DSA-4204",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4204"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/362"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-13143",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage function in coders/mat.c uses uninitialized data, which might allow remote attackers to obtain sensitive information from process memory."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/51b0ae01709adc1e4a9245e158ef17b85a110960",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/51b0ae01709adc1e4a9245e158ef17b85a110960"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "DSA-4019",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4019"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870012",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870012"
            },
            {
              "name": "DSA-4204",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4204"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/362",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/362"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-13143",
    "datePublished": "2017-08-23T06:00:00",
    "dateReserved": "2017-08-23T00:00:00",
    "dateUpdated": "2024-08-05T18:58:12.360Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14137
Vulnerability from cvelistv5
Published
2017-09-04 23:00
Modified
2024-08-05 19:20
Severity ?
Summary
ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue where memory allocation is excessive because it depends only on a length field in a header.
References
https://security.gentoo.org/glsa/201711-07vendor-advisory, x_refsource_GENTOO
https://github.com/ImageMagick/ImageMagick/issues/641x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:20:40.461Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/641"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue where memory allocation is excessive because it depends only on a length field in a header."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-12T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/641"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14137",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue where memory allocation is excessive because it depends only on a length field in a header."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/641",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/641"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14137",
    "datePublished": "2017-09-04T23:00:00",
    "dateReserved": "2017-09-04T00:00:00",
    "dateUpdated": "2024-08-05T19:20:40.461Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-1798
Vulnerability from cvelistv5
Published
2012-06-05 22:00
Modified
2024-08-06 19:08
Severity ?
Summary
The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image.
References
http://secunia.com/advisories/55035third-party-advisory, x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/74659vdb-entry, x_refsource_XF
http://secunia.com/advisories/49068third-party-advisory, x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.htmlvendor-advisory, x_refsource_SUSE
http://www.osvdb.org/81023vdb-entry, x_refsource_OSVDB
http://www.debian.org/security/2012/dsa-2462vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/49063third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/52898vdb-entry, x_refsource_BID
http://rhn.redhat.com/errata/RHSA-2012-0544.htmlvendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/48974third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/49317third-party-advisory, x_refsource_SECUNIA
http://www.securitytracker.com/id?1027032vdb-entry, x_refsource_SECTRACK
http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20629x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T19:08:38.630Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "55035",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/55035"
          },
          {
            "name": "imagemagick-tiffexififd-dos(74659)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74659"
          },
          {
            "name": "49068",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49068"
          },
          {
            "name": "openSUSE-SU-2012:0692",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html"
          },
          {
            "name": "81023",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/81023"
          },
          {
            "name": "DSA-2462",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2462"
          },
          {
            "name": "49063",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49063"
          },
          {
            "name": "52898",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/52898"
          },
          {
            "name": "RHSA-2012:0544",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0544.html"
          },
          {
            "name": "48974",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48974"
          },
          {
            "name": "49317",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49317"
          },
          {
            "name": "1027032",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1027032"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=20629"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-03-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "55035",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/55035"
        },
        {
          "name": "imagemagick-tiffexififd-dos(74659)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74659"
        },
        {
          "name": "49068",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49068"
        },
        {
          "name": "openSUSE-SU-2012:0692",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html"
        },
        {
          "name": "81023",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/81023"
        },
        {
          "name": "DSA-2462",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2462"
        },
        {
          "name": "49063",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49063"
        },
        {
          "name": "52898",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/52898"
        },
        {
          "name": "RHSA-2012:0544",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-0544.html"
        },
        {
          "name": "48974",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48974"
        },
        {
          "name": "49317",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49317"
        },
        {
          "name": "1027032",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1027032"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=20629"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2012-1798",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "55035",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/55035"
            },
            {
              "name": "imagemagick-tiffexififd-dos(74659)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74659"
            },
            {
              "name": "49068",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/49068"
            },
            {
              "name": "openSUSE-SU-2012:0692",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html"
            },
            {
              "name": "81023",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/81023"
            },
            {
              "name": "DSA-2462",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2462"
            },
            {
              "name": "49063",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/49063"
            },
            {
              "name": "52898",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/52898"
            },
            {
              "name": "RHSA-2012:0544",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0544.html"
            },
            {
              "name": "48974",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48974"
            },
            {
              "name": "49317",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/49317"
            },
            {
              "name": "1027032",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1027032"
            },
            {
              "name": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=20629",
              "refsource": "CONFIRM",
              "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=20629"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2012-1798",
    "datePublished": "2012-06-05T22:00:00",
    "dateReserved": "2012-03-21T00:00:00",
    "dateUpdated": "2024-08-06T19:08:38.630Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9816
Vulnerability from cvelistv5
Published
2017-03-30 15:00
Modified
2024-08-06 13:55
Severity ?
Summary
ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.633Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=35aa01dd5511a2616a6427f7d5d49de0132aeb5f"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343472"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-30T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=35aa01dd5511a2616a6427f7d5d49de0132aeb5f"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343472"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9816",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=35aa01dd5511a2616a6427f7d5d49de0132aeb5f",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=35aa01dd5511a2616a6427f7d5d49de0132aeb5f"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343472",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343472"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9816",
    "datePublished": "2017-03-30T15:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.633Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9853
Vulnerability from cvelistv5
Published
2017-03-17 14:00
Modified
2024-08-06 13:55
Severity ?
Summary
Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.499Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "openSUSE-SU-2016:2073",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html"
          },
          {
            "name": "openSUSE-SU-2016:1833",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
          },
          {
            "name": "openSUSE-SU-2016:3060",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00028.html"
          },
          {
            "name": "openSUSE-SU-2016:1724",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html"
          },
          {
            "name": "SUSE-SU-2016:1782",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "openSUSE-SU-2016:1748",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
          },
          {
            "name": "SUSE-SU-2016:1784",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
          },
          {
            "name": "SUSE-SU-2016:1783",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343513"
          },
          {
            "name": "USN-3131-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3131-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-17T13:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "openSUSE-SU-2016:2073",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html"
        },
        {
          "name": "openSUSE-SU-2016:1833",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
        },
        {
          "name": "openSUSE-SU-2016:3060",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00028.html"
        },
        {
          "name": "openSUSE-SU-2016:1724",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html"
        },
        {
          "name": "SUSE-SU-2016:1782",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "openSUSE-SU-2016:1748",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
        },
        {
          "name": "SUSE-SU-2016:1784",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
        },
        {
          "name": "SUSE-SU-2016:1783",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343513"
        },
        {
          "name": "USN-3131-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3131-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9853",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "openSUSE-SU-2016:2073",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html"
            },
            {
              "name": "openSUSE-SU-2016:1833",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
            },
            {
              "name": "openSUSE-SU-2016:3060",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00028.html"
            },
            {
              "name": "openSUSE-SU-2016:1724",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html"
            },
            {
              "name": "SUSE-SU-2016:1782",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "openSUSE-SU-2016:1748",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
            },
            {
              "name": "SUSE-SU-2016:1784",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
            },
            {
              "name": "SUSE-SU-2016:1783",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343513",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343513"
            },
            {
              "name": "USN-3131-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3131-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9853",
    "datePublished": "2017-03-17T14:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.499Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-18253
Vulnerability from cvelistv5
Published
2018-03-27 03:00
Modified
2024-08-05 21:13
Severity ?
Summary
An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LoadOpenCLDevices in MagickCore/opencl.c, which allows attackers to cause a denial of service via a crafted file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:13:49.230Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/794"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-03-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LoadOpenCLDevices in MagickCore/opencl.c, which allows attackers to cause a denial of service via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-03-27T03:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/794"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-18253",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LoadOpenCLDevices in MagickCore/opencl.c, which allows attackers to cause a denial of service via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/794",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/794"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-18253",
    "datePublished": "2018-03-27T03:00:00",
    "dateReserved": "2018-03-26T00:00:00",
    "dateUpdated": "2024-08-05T21:13:49.230Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-25665
Vulnerability from cvelistv5
Published
2020-12-08 00:00
Modified
2024-08-04 15:40
Severity ?
Summary
The PALM image coder at coders/palm.c makes an improper call to AcquireQuantumMemory() in routine WritePALMImage() because it needs to be offset by 256. This can cause a out-of-bounds read later on in the routine. The patch adds 256 to bytes_per_row in the call to AcquireQuantumMemory(). This could cause impact to reliability. This flaw affects ImageMagick versions prior to 7.0.8-68.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:40:36.540Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891606"
          },
          {
            "name": "[debian-lts-announce] 20210112 [SECURITY] [DLA 2523-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "prior to 7.0.8-68"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The PALM image coder at coders/palm.c makes an improper call to AcquireQuantumMemory() in routine WritePALMImage() because it needs to be offset by 256. This can cause a out-of-bounds read later on in the routine. The patch adds 256 to bytes_per_row in the call to AcquireQuantumMemory(). This could cause impact to reliability. This flaw affects ImageMagick versions prior to 7.0.8-68."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122-\u003eCWE-125",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891606"
        },
        {
          "name": "[debian-lts-announce] 20210112 [SECURITY] [DLA 2523-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-25665",
    "datePublished": "2020-12-08T00:00:00",
    "dateReserved": "2020-09-16T00:00:00",
    "dateUpdated": "2024-08-04T15:40:36.540Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10069
Vulnerability from cvelistv5
Published
2017-03-02 21:00
Modified
2024-08-06 03:07
Severity ?
Summary
coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a mat file with an invalid number of frames.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:07:32.120Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "openSUSE-SU-2017:0391",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/8a370f9ab120faf182aa160900ba692ba8e2bcf0"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410507"
          },
          {
            "name": "95216",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95216"
          },
          {
            "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a mat file with an invalid number of frames."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-02T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "openSUSE-SU-2017:0391",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/8a370f9ab120faf182aa160900ba692ba8e2bcf0"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410507"
        },
        {
          "name": "95216",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95216"
        },
        {
          "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10069",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a mat file with an invalid number of frames."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "openSUSE-SU-2017:0391",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/8a370f9ab120faf182aa160900ba692ba8e2bcf0",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/8a370f9ab120faf182aa160900ba692ba8e2bcf0"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410507",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410507"
            },
            {
              "name": "95216",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95216"
            },
            {
              "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10069",
    "datePublished": "2017-03-02T21:00:00",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-08-06T03:07:32.120Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-3717
Vulnerability from cvelistv5
Published
2016-05-05 18:00
Modified
2024-08-06 00:03
Severity ?
Summary
The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.
References
http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLogx_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.htmlvendor-advisory, x_refsource_SUSE
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.htmlx_refsource_CONFIRM
https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.htmlvendor-advisory, x_refsource_SUSE
http://www.ubuntu.com/usn/USN-2990-1vendor-advisory, x_refsource_UBUNTU
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.htmlvendor-advisory, x_refsource_SUSE
http://www.securityfocus.com/archive/1/538378/100/0/threadedmailing-list, x_refsource_BUGTRAQ
https://www.exploit-db.com/exploits/39767/exploit, x_refsource_EXPLOIT-DB
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.htmlvendor-advisory, x_refsource_SUSE
https://lists.debian.org/debian-lts-announce/2018/06/msg00009.htmlmailing-list, x_refsource_MLIST
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.htmlx_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2016/05/03/18mailing-list, x_refsource_MLIST
https://security.gentoo.org/glsa/201611-21vendor-advisory, x_refsource_GENTOO
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.htmlvendor-advisory, x_refsource_SUSE
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568vendor-advisory, x_refsource_SLACKWARE
https://www.imagemagick.org/script/changelog.phpx_refsource_CONFIRM
http://www.debian.org/security/2016/dsa-3580vendor-advisory, x_refsource_DEBIAN
http://rhn.redhat.com/errata/RHSA-2016-0726.htmlvendor-advisory, x_refsource_REDHAT
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:03:34.448Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog"
          },
          {
            "name": "openSUSE-SU-2016:1266",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=29588"
          },
          {
            "name": "openSUSE-SU-2016:1326",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html"
          },
          {
            "name": "USN-2990-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2990-1"
          },
          {
            "name": "openSUSE-SU-2016:1261",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html"
          },
          {
            "name": "20160513 May 2016 - HipChat Server - Critical Security Advisory",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/538378/100/0/threaded"
          },
          {
            "name": "39767",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/39767/"
          },
          {
            "name": "SUSE-SU-2016:1260",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html"
          },
          {
            "name": "[debian-lts-announce] 20180627 [SECURITY] [DLA 1401-1] graphicsmagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
          },
          {
            "name": "[oss-security] 20160504 Re: ImageMagick Is On Fire -- CVE-2016-3714",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/05/03/18"
          },
          {
            "name": "GLSA-201611-21",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201611-21"
          },
          {
            "name": "SUSE-SU-2016:1275",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html"
          },
          {
            "name": "SSA:2016-132-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.440568"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.imagemagick.org/script/changelog.php"
          },
          {
            "name": "DSA-3580",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3580"
          },
          {
            "name": "RHSA-2016:0726",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-0726.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-05-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-09T18:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog"
        },
        {
          "name": "openSUSE-SU-2016:1266",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=29588"
        },
        {
          "name": "openSUSE-SU-2016:1326",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html"
        },
        {
          "name": "USN-2990-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2990-1"
        },
        {
          "name": "openSUSE-SU-2016:1261",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html"
        },
        {
          "name": "20160513 May 2016 - HipChat Server - Critical Security Advisory",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/538378/100/0/threaded"
        },
        {
          "name": "39767",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/39767/"
        },
        {
          "name": "SUSE-SU-2016:1260",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html"
        },
        {
          "name": "[debian-lts-announce] 20180627 [SECURITY] [DLA 1401-1] graphicsmagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
        },
        {
          "name": "[oss-security] 20160504 Re: ImageMagick Is On Fire -- CVE-2016-3714",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/05/03/18"
        },
        {
          "name": "GLSA-201611-21",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201611-21"
        },
        {
          "name": "SUSE-SU-2016:1275",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html"
        },
        {
          "name": "SSA:2016-132-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.440568"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.imagemagick.org/script/changelog.php"
        },
        {
          "name": "DSA-3580",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3580"
        },
        {
          "name": "RHSA-2016:0726",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-0726.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2016-3717",
    "datePublished": "2016-05-05T18:00:00",
    "dateReserved": "2016-03-30T00:00:00",
    "dateUpdated": "2024-08-06T00:03:34.448Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12427
Vulnerability from cvelistv5
Published
2017-08-04 09:00
Modified
2024-08-05 18:36
Severity ?
Summary
The ProcessMSLScript function in coders/msl.c in ImageMagick before 6.9.9-5 and 7.x before 7.0.6-5 allows remote attackers to cause a denial of service (memory leak) via a crafted file, related to the WriteMSLImage function.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:36:56.205Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/636"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/e793eb203e5e0f91f5037aed6585e81b1e27395b"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ProcessMSLScript function in coders/msl.c in ImageMagick before 6.9.9-5 and 7.x before 7.0.6-5 allows remote attackers to cause a denial of service (memory leak) via a crafted file, related to the WriteMSLImage function."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-12T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/636"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/e793eb203e5e0f91f5037aed6585e81b1e27395b"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12427",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ProcessMSLScript function in coders/msl.c in ImageMagick before 6.9.9-5 and 7.x before 7.0.6-5 allows remote attackers to cause a denial of service (memory leak) via a crafted file, related to the WriteMSLImage function."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/636",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/636"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/e793eb203e5e0f91f5037aed6585e81b1e27395b",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/e793eb203e5e0f91f5037aed6585e81b1e27395b"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12427",
    "datePublished": "2017-08-04T09:00:00",
    "dateReserved": "2017-08-04T00:00:00",
    "dateUpdated": "2024-08-05T18:36:56.205Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-13132
Vulnerability from cvelistv5
Published
2017-08-23 03:00
Modified
2024-08-05 18:58
Severity ?
Summary
In ImageMagick 7.0.6-8, the WritePDFImage function in coders/pdf.c operates on an incorrect data structure in the "dump uncompressed PseudoColor packets" step, which allows attackers to cause a denial of service (assertion failure in WriteBlobStream in MagickCore/blob.c) via a crafted file.
References
https://github.com/ImageMagick/ImageMagick/issues/674x_refsource_CONFIRM
https://security.gentoo.org/glsa/201711-07vendor-advisory, x_refsource_GENTOO
http://www.securityfocus.com/bid/100458vdb-entry, x_refsource_BID
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:12.522Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/674"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "name": "100458",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100458"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-8, the WritePDFImage function in coders/pdf.c operates on an incorrect data structure in the \"dump uncompressed PseudoColor packets\" step, which allows attackers to cause a denial of service (assertion failure in WriteBlobStream in MagickCore/blob.c) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-12T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/674"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "name": "100458",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100458"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-13132",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-8, the WritePDFImage function in coders/pdf.c operates on an incorrect data structure in the \"dump uncompressed PseudoColor packets\" step, which allows attackers to cause a denial of service (assertion failure in WriteBlobStream in MagickCore/blob.c) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/674",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/674"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "100458",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100458"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-13132",
    "datePublished": "2017-08-23T03:00:00",
    "dateReserved": "2017-08-22T00:00:00",
    "dateUpdated": "2024-08-05T18:58:12.522Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-8866
Vulnerability from cvelistv5
Published
2017-02-15 19:00
Modified
2024-08-06 02:35
Severity ?
Summary
The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:35:01.227Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20161021 Re: imagemagick: memory allocation failure in AcquireMagickMemory (memory.c) (incomplete fix for CVE-2016-8862)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/10/21/5"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388816"
          },
          {
            "name": "openSUSE-SU-2016:3238",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00141.html"
          },
          {
            "name": "openSUSE-SU-2017:0023",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00006.html"
          },
          {
            "name": "[oss-security] 20161020 imagemagick: memory allocation failure in AcquireMagickMemory (memory.c) (incomplete fix for CVE-2016-8862)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/10/20/3"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://blogs.gentoo.org/ago/2016/10/20/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/271"
          },
          {
            "name": "openSUSE-SU-2016:3233",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00085.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-10-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-27T17:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20161021 Re: imagemagick: memory allocation failure in AcquireMagickMemory (memory.c) (incomplete fix for CVE-2016-8862)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/10/21/5"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388816"
        },
        {
          "name": "openSUSE-SU-2016:3238",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00141.html"
        },
        {
          "name": "openSUSE-SU-2017:0023",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00006.html"
        },
        {
          "name": "[oss-security] 20161020 imagemagick: memory allocation failure in AcquireMagickMemory (memory.c) (incomplete fix for CVE-2016-8862)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/10/20/3"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://blogs.gentoo.org/ago/2016/10/20/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/271"
        },
        {
          "name": "openSUSE-SU-2016:3233",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00085.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-8866",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20161021 Re: imagemagick: memory allocation failure in AcquireMagickMemory (memory.c) (incomplete fix for CVE-2016-8862)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/10/21/5"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1388816",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388816"
            },
            {
              "name": "openSUSE-SU-2016:3238",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00141.html"
            },
            {
              "name": "openSUSE-SU-2017:0023",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00006.html"
            },
            {
              "name": "[oss-security] 20161020 imagemagick: memory allocation failure in AcquireMagickMemory (memory.c) (incomplete fix for CVE-2016-8862)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/10/20/3"
            },
            {
              "name": "https://blogs.gentoo.org/ago/2016/10/20/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862/",
              "refsource": "MISC",
              "url": "https://blogs.gentoo.org/ago/2016/10/20/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/271",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/271"
            },
            {
              "name": "openSUSE-SU-2016:3233",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00085.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-8866",
    "datePublished": "2017-02-15T19:00:00",
    "dateReserved": "2016-10-21T00:00:00",
    "dateUpdated": "2024-08-06T02:35:01.227Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-20467
Vulnerability from cvelistv5
Published
2018-12-26 03:00
Modified
2024-08-05 12:05
Severity ?
Summary
In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T12:05:17.002Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/db0add932fb850d762b02604ca3053b7d7ab6deb"
          },
          {
            "name": "106315",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/106315"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1408"
          },
          {
            "name": "openSUSE-SU-2019:1141",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html"
          },
          {
            "name": "openSUSE-SU-2019:1320",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          },
          {
            "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-12-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-19T01:06:12",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/db0add932fb850d762b02604ca3053b7d7ab6deb"
        },
        {
          "name": "106315",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/106315"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1408"
        },
        {
          "name": "openSUSE-SU-2019:1141",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html"
        },
        {
          "name": "openSUSE-SU-2019:1320",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        },
        {
          "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-20467",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/db0add932fb850d762b02604ca3053b7d7ab6deb",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/db0add932fb850d762b02604ca3053b7d7ab6deb"
            },
            {
              "name": "106315",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/106315"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1408",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1408"
            },
            {
              "name": "openSUSE-SU-2019:1141",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html"
            },
            {
              "name": "openSUSE-SU-2019:1320",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            },
            {
              "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-20467",
    "datePublished": "2018-12-26T03:00:00",
    "dateReserved": "2018-12-25T00:00:00",
    "dateUpdated": "2024-08-05T12:05:17.002Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-8804
Vulnerability from cvelistv5
Published
2018-03-20 05:00
Modified
2024-08-05 07:02
Severity ?
Summary
WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file.
References
http://www.securityfocus.com/bid/103498vdb-entry, x_refsource_BID
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/1025x_refsource_CONFIRM
https://lists.debian.org/debian-lts-announce/2020/08/msg00030.htmlmailing-list, x_refsource_MLIST
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:02:26.049Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "103498",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/103498"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1025"
          },
          {
            "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-03-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-19T01:06:11",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "103498",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/103498"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1025"
        },
        {
          "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-8804",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "103498",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/103498"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1025",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1025"
            },
            {
              "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-8804",
    "datePublished": "2018-03-20T05:00:00",
    "dateReserved": "2018-03-19T00:00:00",
    "dateUpdated": "2024-08-05T07:02:26.049Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11753
Vulnerability from cvelistv5
Published
2017-07-30 18:00
Modified
2024-08-05 18:19
Severity ?
Summary
The GetImageDepth function in MagickCore/attribute.c in ImageMagick 7.0.6-4 might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted Flexible Image Transport System (FITS) file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:19:38.910Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/629"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The GetImageDepth function in MagickCore/attribute.c in ImageMagick 7.0.6-4 might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted Flexible Image Transport System (FITS) file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-30T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/629"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11753",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The GetImageDepth function in MagickCore/attribute.c in ImageMagick 7.0.6-4 might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted Flexible Image Transport System (FITS) file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/629",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/629"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11753",
    "datePublished": "2017-07-30T18:00:00",
    "dateReserved": "2017-07-30T00:00:00",
    "dateUpdated": "2024-08-05T18:19:38.910Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-4987
Vulnerability from cvelistv5
Published
2007-09-24 22:00
Modified
2024-08-07 15:17
Severity ?
Summary
Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address.
References
http://secunia.com/advisories/27364third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/483572/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://www.ubuntu.com/usn/usn-523-1vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/27309third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/25766vdb-entry, x_refsource_BID
http://www.imagemagick.org/script/changelog.phpx_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/36739vdb-entry, x_refsource_XF
http://www.vupen.com/english/advisories/2007/3245vdb-entry, x_refsource_VUPEN
http://security.gentoo.org/glsa/glsa-200710-27.xmlvendor-advisory, x_refsource_GENTOO
http://www.securitytracker.com/id?1018729vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/27048third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/28721third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27439third-party-advisory, x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-1743x_refsource_CONFIRM
http://www.debian.org/security/2009/dsa-1858vendor-advisory, x_refsource_DEBIAN
http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.htmlmailing-list, x_refsource_MLIST
http://secunia.com/advisories/26926third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035vendor-advisory, x_refsource_MANDRIVA
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=595third-party-advisory, x_refsource_IDEFENSE
http://bugs.gentoo.org/show_bug.cgi?id=186030x_refsource_CONFIRM
http://www.novell.com/linux/security/advisories/2007_23_sr.htmlvendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/36260third-party-advisory, x_refsource_SECUNIA
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:17:28.139Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "27364",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27364"
          },
          {
            "name": "20071112 FLEA-2007-0066-1 ImageMagick",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/483572/100/0/threaded"
          },
          {
            "name": "USN-523-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-523-1"
          },
          {
            "name": "27309",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27309"
          },
          {
            "name": "25766",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/25766"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/script/changelog.php"
          },
          {
            "name": "imagemagick-readblogstring-bo(36739)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36739"
          },
          {
            "name": "ADV-2007-3245",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3245"
          },
          {
            "name": "GLSA-200710-27",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200710-27.xml"
          },
          {
            "name": "1018729",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018729"
          },
          {
            "name": "27048",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27048"
          },
          {
            "name": "28721",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28721"
          },
          {
            "name": "27439",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27439"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1743"
          },
          {
            "name": "DSA-1858",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1858"
          },
          {
            "name": "[Magick-announce] 20070917 ImageMagick 6.3.5-9, important security updates",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html"
          },
          {
            "name": "26926",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26926"
          },
          {
            "name": "MDVSA-2008:035",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035"
          },
          {
            "name": "20070919 Multiple Vendor ImageMagick Off-By-One Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=595"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=186030"
          },
          {
            "name": "SUSE-SR:2007:023",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_23_sr.html"
          },
          {
            "name": "36260",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36260"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-09-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a \u0027\\0\u0027 character to an out-of-bounds address."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "27364",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27364"
        },
        {
          "name": "20071112 FLEA-2007-0066-1 ImageMagick",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/483572/100/0/threaded"
        },
        {
          "name": "USN-523-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-523-1"
        },
        {
          "name": "27309",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27309"
        },
        {
          "name": "25766",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/25766"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.imagemagick.org/script/changelog.php"
        },
        {
          "name": "imagemagick-readblogstring-bo(36739)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36739"
        },
        {
          "name": "ADV-2007-3245",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3245"
        },
        {
          "name": "GLSA-200710-27",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200710-27.xml"
        },
        {
          "name": "1018729",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018729"
        },
        {
          "name": "27048",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27048"
        },
        {
          "name": "28721",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28721"
        },
        {
          "name": "27439",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27439"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1743"
        },
        {
          "name": "DSA-1858",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1858"
        },
        {
          "name": "[Magick-announce] 20070917 ImageMagick 6.3.5-9, important security updates",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html"
        },
        {
          "name": "26926",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26926"
        },
        {
          "name": "MDVSA-2008:035",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035"
        },
        {
          "name": "20070919 Multiple Vendor ImageMagick Off-By-One Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=595"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=186030"
        },
        {
          "name": "SUSE-SR:2007:023",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_23_sr.html"
        },
        {
          "name": "36260",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36260"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-4987",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a \u0027\\0\u0027 character to an out-of-bounds address."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "27364",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27364"
            },
            {
              "name": "20071112 FLEA-2007-0066-1 ImageMagick",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/483572/100/0/threaded"
            },
            {
              "name": "USN-523-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-523-1"
            },
            {
              "name": "27309",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27309"
            },
            {
              "name": "25766",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/25766"
            },
            {
              "name": "http://www.imagemagick.org/script/changelog.php",
              "refsource": "CONFIRM",
              "url": "http://www.imagemagick.org/script/changelog.php"
            },
            {
              "name": "imagemagick-readblogstring-bo(36739)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36739"
            },
            {
              "name": "ADV-2007-3245",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3245"
            },
            {
              "name": "GLSA-200710-27",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200710-27.xml"
            },
            {
              "name": "1018729",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018729"
            },
            {
              "name": "27048",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27048"
            },
            {
              "name": "28721",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28721"
            },
            {
              "name": "27439",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27439"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1743",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1743"
            },
            {
              "name": "DSA-1858",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1858"
            },
            {
              "name": "[Magick-announce] 20070917 ImageMagick 6.3.5-9, important security updates",
              "refsource": "MLIST",
              "url": "http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html"
            },
            {
              "name": "26926",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26926"
            },
            {
              "name": "MDVSA-2008:035",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035"
            },
            {
              "name": "20070919 Multiple Vendor ImageMagick Off-By-One Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=595"
            },
            {
              "name": "http://bugs.gentoo.org/show_bug.cgi?id=186030",
              "refsource": "CONFIRM",
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=186030"
            },
            {
              "name": "SUSE-SR:2007:023",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_23_sr.html"
            },
            {
              "name": "36260",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36260"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-4987",
    "datePublished": "2007-09-24T22:00:00",
    "dateReserved": "2007-09-19T00:00:00",
    "dateUpdated": "2024-08-07T15:17:28.139Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-14437
Vulnerability from cvelistv5
Published
2018-07-20 00:00
Modified
2024-08-05 09:29
Severity ?
Summary
ImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c.
References
https://github.com/ImageMagick/ImageMagick/issues/1190x_refsource_MISC
https://usn.ubuntu.com/3785-1/vendor-advisory, x_refsource_UBUNTU
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:29:50.781Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1190"
          },
          {
            "name": "USN-3785-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3785-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-07-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-05T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1190"
        },
        {
          "name": "USN-3785-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3785-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-14437",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1190",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1190"
            },
            {
              "name": "USN-3785-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3785-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-14437",
    "datePublished": "2018-07-20T00:00:00",
    "dateReserved": "2018-07-19T00:00:00",
    "dateUpdated": "2024-08-05T09:29:50.781Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11752
Vulnerability from cvelistv5
Published
2017-07-30 18:00
Modified
2024-08-05 18:19
Severity ?
Summary
The ReadMAGICKImage function in coders/magick.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:19:39.008Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/628"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadMAGICKImage function in coders/magick.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-30T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/628"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11752",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadMAGICKImage function in coders/magick.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/628",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/628"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11752",
    "datePublished": "2017-07-30T18:00:00",
    "dateReserved": "2017-07-30T00:00:00",
    "dateUpdated": "2024-08-05T18:19:39.008Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11528
Vulnerability from cvelistv5
Published
2017-07-23 03:00
Modified
2024-08-05 18:12
Severity ?
Summary
The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:40.144Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867811"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/522"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-23T02:57:06",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867811"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/522"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11528",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867811",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867811"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/522",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/522"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11528",
    "datePublished": "2017-07-23T03:00:00",
    "dateReserved": "2017-07-22T00:00:00",
    "dateUpdated": "2024-08-05T18:12:40.144Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-16329
Vulnerability from cvelistv5
Published
2018-09-01 22:00
Modified
2024-09-17 00:40
Severity ?
Summary
In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T10:17:38.548Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1225"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-09-01T22:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1225"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-16329",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1225",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1225"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-16329",
    "datePublished": "2018-09-01T22:00:00Z",
    "dateReserved": "2018-09-01T00:00:00Z",
    "dateUpdated": "2024-09-17T00:40:34.673Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14684
Vulnerability from cvelistv5
Published
2017-09-22 01:00
Modified
2024-08-05 19:34
Severity ?
Summary
In ImageMagick 7.0.7-4 Q16, a memory leak vulnerability was found in the function ReadVIPSImage in coders/vips.c, which allows attackers to cause a denial of service (memory consumption in ResizeMagickMemory in MagickCore/memory.c) via a crafted file.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/770x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:34:39.451Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/770"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-4 Q16, a memory leak vulnerability was found in the function ReadVIPSImage in coders/vips.c, which allows attackers to cause a denial of service (memory consumption in ResizeMagickMemory in MagickCore/memory.c) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/770"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14684",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-4 Q16, a memory leak vulnerability was found in the function ReadVIPSImage in coders/vips.c, which allows attackers to cause a denial of service (memory consumption in ResizeMagickMemory in MagickCore/memory.c) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/770",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/770"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14684",
    "datePublished": "2017-09-22T01:00:00",
    "dateReserved": "2017-09-21T00:00:00",
    "dateUpdated": "2024-08-05T19:34:39.451Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-7395
Vulnerability from cvelistv5
Published
2019-02-05 00:00
Modified
2024-08-04 20:46
Severity ?
Summary
In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:46:46.310Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1451"
          },
          {
            "name": "106850",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/106850"
          },
          {
            "name": "openSUSE-SU-2019:1141",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html"
          },
          {
            "name": "openSUSE-SU-2019:1320",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2019-02-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-01T11:06:06",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1451"
        },
        {
          "name": "106850",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/106850"
        },
        {
          "name": "openSUSE-SU-2019:1141",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html"
        },
        {
          "name": "openSUSE-SU-2019:1320",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-7395",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1451",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1451"
            },
            {
              "name": "106850",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/106850"
            },
            {
              "name": "openSUSE-SU-2019:1141",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html"
            },
            {
              "name": "openSUSE-SU-2019:1320",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-7395",
    "datePublished": "2019-02-05T00:00:00",
    "dateReserved": "2019-02-04T00:00:00",
    "dateUpdated": "2024-08-04T20:46:46.310Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0802
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:31
Severity ?
Summary
Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:31:47.483Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20\u0026view=markup"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html"
          },
          {
            "name": "201611",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
          },
          {
            "name": "CLA-2004:870",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
          },
          {
            "name": "imlib2-bmp-bo(17183)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17183"
          },
          {
            "name": "11084",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11084"
          },
          {
            "name": "MDKSA-2004:089",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089"
          },
          {
            "name": "GLSA-200409-12",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-09-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20\u0026view=markup"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html"
        },
        {
          "name": "201611",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
        },
        {
          "name": "CLA-2004:870",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
        },
        {
          "name": "imlib2-bmp-bo(17183)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17183"
        },
        {
          "name": "11084",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11084"
        },
        {
          "name": "MDKSA-2004:089",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089"
        },
        {
          "name": "GLSA-200409-12",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0802",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20\u0026view=markup",
              "refsource": "MISC",
              "url": "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20\u0026view=markup"
            },
            {
              "name": "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html",
              "refsource": "CONFIRM",
              "url": "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html"
            },
            {
              "name": "201611",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
            },
            {
              "name": "CLA-2004:870",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
            },
            {
              "name": "imlib2-bmp-bo(17183)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17183"
            },
            {
              "name": "11084",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11084"
            },
            {
              "name": "MDKSA-2004:089",
              "refsource": "MANDRAKE",
              "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089"
            },
            {
              "name": "GLSA-200409-12",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0802",
    "datePublished": "2004-09-24T04:00:00",
    "dateReserved": "2004-08-25T00:00:00",
    "dateUpdated": "2024-08-08T00:31:47.483Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14060
Vulnerability from cvelistv5
Published
2017-08-31 15:00
Modified
2024-08-05 19:13
Severity ?
Summary
In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in the ReadCUTImage function in coders/cut.c that could allow an attacker to cause a Denial of Service (in the QueueAuthenticPixelCacheNexus function within the MagickCore/cache.c file) by submitting a malformed image file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:13:41.824Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/710"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in the ReadCUTImage function in coders/cut.c that could allow an attacker to cause a Denial of Service (in the QueueAuthenticPixelCacheNexus function within the MagickCore/cache.c file) by submitting a malformed image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:36",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/710"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14060",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in the ReadCUTImage function in coders/cut.c that could allow an attacker to cause a Denial of Service (in the QueueAuthenticPixelCacheNexus function within the MagickCore/cache.c file) by submitting a malformed image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/710",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/710"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14060",
    "datePublished": "2017-08-31T15:00:00",
    "dateReserved": "2017-08-31T00:00:00",
    "dateUpdated": "2024-08-05T19:13:41.824Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-8901
Vulnerability from cvelistv5
Published
2017-02-27 22:00
Modified
2024-08-06 08:29
Severity ?
Summary
ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:29:22.113Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20150226 Requesting CVE for ImageMagick DoS",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/02/26/13"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26931"
          },
          {
            "name": "[oss-security] 20160606 Re: Requesting CVE for ImageMagick DoS",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/06/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1195265"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://trac.imagemagick.org/changeset/17854"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-02-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-02-27T21:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20150226 Requesting CVE for ImageMagick DoS",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/02/26/13"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26931"
        },
        {
          "name": "[oss-security] 20160606 Re: Requesting CVE for ImageMagick DoS",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/06/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1195265"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://trac.imagemagick.org/changeset/17854"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8901",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20150226 Requesting CVE for ImageMagick DoS",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/02/26/13"
            },
            {
              "name": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26931",
              "refsource": "CONFIRM",
              "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26931"
            },
            {
              "name": "[oss-security] 20160606 Re: Requesting CVE for ImageMagick DoS",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/06/2"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1195265",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1195265"
            },
            {
              "name": "http://trac.imagemagick.org/changeset/17854",
              "refsource": "CONFIRM",
              "url": "http://trac.imagemagick.org/changeset/17854"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8901",
    "datePublished": "2017-02-27T22:00:00",
    "dateReserved": "2016-06-05T00:00:00",
    "dateUpdated": "2024-08-06T08:29:22.113Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7540
Vulnerability from cvelistv5
Published
2017-04-20 18:00
Modified
2024-08-06 02:04
Severity ?
Summary
coders/rgf.c in ImageMagick before 6.9.4-10 allows remote attackers to cause a denial of service (assertion failure) by converting an image to rgf format.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:04:54.932Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/a0108a892f9ea3c2bb1e7a49b7d71376c2ecbff7"
          },
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/pull/223"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378777"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1594060"
          },
          {
            "name": "93228",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93228"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/rgf.c in ImageMagick before 6.9.4-10 allows remote attackers to cause a denial of service (assertion failure) by converting an image to rgf format."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-20T17:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/a0108a892f9ea3c2bb1e7a49b7d71376c2ecbff7"
        },
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/pull/223"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378777"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1594060"
        },
        {
          "name": "93228",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93228"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-7540",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/rgf.c in ImageMagick before 6.9.4-10 allows remote attackers to cause a denial of service (assertion failure) by converting an image to rgf format."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/a0108a892f9ea3c2bb1e7a49b7d71376c2ecbff7",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/a0108a892f9ea3c2bb1e7a49b7d71376c2ecbff7"
            },
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/pull/223",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/pull/223"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378777",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378777"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1594060",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1594060"
            },
            {
              "name": "93228",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93228"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-7540",
    "datePublished": "2017-04-20T18:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T02:04:54.932Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-8896
Vulnerability from cvelistv5
Published
2017-03-15 19:00
Modified
2024-08-06 08:29
Severity ?
Summary
Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:29:22.150Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2016:1237",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2016:1237"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
          },
          {
            "name": "91027",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91027"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20151008 Re: CVE Request: ImageMagick",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/10/08/3"
          },
          {
            "name": "[oss-security] 20151006 CVE Request: ImageMagick",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/10/07/2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1448803"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-08-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-05-17T16:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2016:1237",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2016:1237"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
        },
        {
          "name": "91027",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/91027"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20151008 Re: CVE Request: ImageMagick",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/10/08/3"
        },
        {
          "name": "[oss-security] 20151006 CVE Request: ImageMagick",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/10/07/2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1448803"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8896",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2016:1237",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2016:1237"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
            },
            {
              "name": "91027",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/91027"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20151008 Re: CVE Request: ImageMagick",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/10/08/3"
            },
            {
              "name": "[oss-security] 20151006 CVE Request: ImageMagick",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/10/07/2"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1448803",
              "refsource": "MISC",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1448803"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8896",
    "datePublished": "2017-03-15T19:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T08:29:22.150Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-10804
Vulnerability from cvelistv5
Published
2018-05-08 07:00
Modified
2024-08-05 07:46
Severity ?
Summary
ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/1053x_refsource_MISC
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:46:46.712Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1053"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-05-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1053"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-10804",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1053",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1053"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-10804",
    "datePublished": "2018-05-08T07:00:00",
    "dateReserved": "2018-05-08T00:00:00",
    "dateUpdated": "2024-08-05T07:46:46.712Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12643
Vulnerability from cvelistv5
Published
2017-08-07 15:00
Modified
2024-08-05 18:43
Severity ?
Summary
ImageMagick 7.0.6-1 has a memory exhaustion vulnerability in ReadOneJNGImage in coders\png.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:56.679Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/549"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "100218",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100218"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/d9ccd8227c4c88a907cda5278408b73552cb0c07"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.6-1 has a memory exhaustion vulnerability in ReadOneJNGImage in coders\\png.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-08T17:16:51",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/549"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "100218",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100218"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/d9ccd8227c4c88a907cda5278408b73552cb0c07"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12643",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.6-1 has a memory exhaustion vulnerability in ReadOneJNGImage in coders\\png.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/549",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/549"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "100218",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100218"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/d9ccd8227c4c88a907cda5278408b73552cb0c07",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/d9ccd8227c4c88a907cda5278408b73552cb0c07"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12643",
    "datePublished": "2017-08-07T15:00:00",
    "dateReserved": "2017-08-07T00:00:00",
    "dateUpdated": "2024-08-05T18:43:56.679Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-15141
Vulnerability from cvelistv5
Published
2019-08-18 18:30
Modified
2024-08-05 00:42
Severity ?
Summary
WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for CVE-2019-11597.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:42:03.969Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1560"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/3c53413eb544cc567309b4c86485eae43e956112"
          },
          {
            "name": "openSUSE-SU-2019:2515",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
          },
          {
            "name": "openSUSE-SU-2019:2519",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for CVE-2019-11597."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-11-17T18:07:12",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1560"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/3c53413eb544cc567309b4c86485eae43e956112"
        },
        {
          "name": "openSUSE-SU-2019:2515",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
        },
        {
          "name": "openSUSE-SU-2019:2519",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-15141",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for CVE-2019-11597."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1560",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1560"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick6/commit/3c53413eb544cc567309b4c86485eae43e956112",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick6/commit/3c53413eb544cc567309b4c86485eae43e956112"
            },
            {
              "name": "openSUSE-SU-2019:2515",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
            },
            {
              "name": "openSUSE-SU-2019:2519",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-15141",
    "datePublished": "2019-08-18T18:30:56",
    "dateReserved": "2019-08-18T00:00:00",
    "dateUpdated": "2024-08-05T00:42:03.969Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11478
Vulnerability from cvelistv5
Published
2017-07-20 16:00
Modified
2024-09-17 02:00
Severity ?
Summary
The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:39.949Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867826"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/528"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-20T16:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867826"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/528"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11478",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867826",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867826"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/528",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/528"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11478",
    "datePublished": "2017-07-20T16:00:00Z",
    "dateReserved": "2017-07-20T00:00:00Z",
    "dateUpdated": "2024-09-17T02:00:40.787Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-18273
Vulnerability from cvelistv5
Published
2018-05-18 19:00
Modified
2024-08-05 21:13
Severity ?
Summary
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList call.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:13:49.232Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[debian-lts-announce] 20180523 [SECURITY] [DLA 1381-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00012.html"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/910"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-05-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList call."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:19",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[debian-lts-announce] 20180523 [SECURITY] [DLA 1381-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00012.html"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/910"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-18273",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList call."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[debian-lts-announce] 20180523 [SECURITY] [DLA 1381-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00012.html"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/910",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/910"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-18273",
    "datePublished": "2018-05-18T19:00:00",
    "dateReserved": "2018-05-18T00:00:00",
    "dateUpdated": "2024-08-05T21:13:49.232Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12640
Vulnerability from cvelistv5
Published
2017-08-07 15:00
Modified
2024-08-05 18:43
Severity ?
Summary
ImageMagick 7.0.6-1 has an out-of-bounds read vulnerability in ReadOneMNGImage in coders/png.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:56.436Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-4040",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4040"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/542"
          },
          {
            "name": "100155",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100155"
          },
          {
            "name": "DSA-4019",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4019"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/307fa45d512641fcd105f0d57ca50c1437cd1b81"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.6-1 has an out-of-bounds read vulnerability in ReadOneMNGImage in coders/png.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-08T17:13:11",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-4040",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4040"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/542"
        },
        {
          "name": "100155",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100155"
        },
        {
          "name": "DSA-4019",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4019"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/307fa45d512641fcd105f0d57ca50c1437cd1b81"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12640",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.6-1 has an out-of-bounds read vulnerability in ReadOneMNGImage in coders/png.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-4040",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4040"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/542",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/542"
            },
            {
              "name": "100155",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100155"
            },
            {
              "name": "DSA-4019",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4019"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/307fa45d512641fcd105f0d57ca50c1437cd1b81",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/307fa45d512641fcd105f0d57ca50c1437cd1b81"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12640",
    "datePublished": "2017-08-07T15:00:00",
    "dateReserved": "2017-08-07T00:00:00",
    "dateUpdated": "2024-08-05T18:43:56.436Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-3195
Vulnerability from cvelistv5
Published
2023-06-16 00:00
Modified
2024-08-02 06:48
Severity ?
Summary
A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c. This flaw allows an attacker to trick the user into opening a specially crafted malicious tiff file, causing an application to crash, resulting in a denial of service.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T06:48:08.287Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2214141"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openwall.com/lists/oss-security/2023/05/29/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/85a370c79afeb45a97842b0959366af5236e9023"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/f620340935777b28fa3f7b0ed7ed6bd86946934c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-3195"
          },
          {
            "name": "FEDORA-2023-27548af422",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/"
          },
          {
            "name": "FEDORA-2023-edbdccae2a",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in ImageMagick 6.9.12-26, ImageMagick 7.1.0-11"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A stack-based buffer overflow issue was found in ImageMagick\u0027s coders/tiff.c. This flaw allows an attacker to trick the user into opening a specially crafted malicious tiff file, causing an application to crash, resulting in a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121 - Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-31T02:07:15.420160",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2214141"
        },
        {
          "url": "https://www.openwall.com/lists/oss-security/2023/05/29/1"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/85a370c79afeb45a97842b0959366af5236e9023"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick/commit/f620340935777b28fa3f7b0ed7ed6bd86946934c"
        },
        {
          "url": "https://access.redhat.com/security/cve/CVE-2023-3195"
        },
        {
          "name": "FEDORA-2023-27548af422",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/"
        },
        {
          "name": "FEDORA-2023-edbdccae2a",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-3195",
    "datePublished": "2023-06-16T00:00:00",
    "dateReserved": "2023-06-12T00:00:00",
    "dateUpdated": "2024-08-02T06:48:08.287Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-4564
Vulnerability from cvelistv5
Published
2016-06-04 16:00
Modified
2024-08-06 00:32
Severity ?
Summary
The DrawImage function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 makes an incorrect function call in attempting to locate the next token, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:32:25.892Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/script/changelog.php"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-05-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The DrawImage function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 makes an incorrect function call in attempting to locate the next token, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-09-20T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.imagemagick.org/script/changelog.php"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-4564",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The DrawImage function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 makes an incorrect function call in attempting to locate the next token, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950"
            },
            {
              "name": "http://www.imagemagick.org/script/changelog.php",
              "refsource": "CONFIRM",
              "url": "http://www.imagemagick.org/script/changelog.php"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-4564",
    "datePublished": "2016-06-04T16:00:00",
    "dateReserved": "2016-05-06T00:00:00",
    "dateUpdated": "2024-08-06T00:32:25.892Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7516
Vulnerability from cvelistv5
Published
2017-04-20 18:00
Modified
2024-08-06 01:57
Severity ?
Summary
The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted VIFF file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:57:47.652Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533452"
          },
          {
            "name": "93129",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93129"
          },
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378743"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/77"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted VIFF file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-20T17:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533452"
        },
        {
          "name": "93129",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93129"
        },
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378743"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/77"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-7516",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted VIFF file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533452",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533452"
            },
            {
              "name": "93129",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93129"
            },
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378743",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378743"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/77",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/77"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-7516",
    "datePublished": "2017-04-20T18:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T01:57:47.652Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10064
Vulnerability from cvelistv5
Published
2017-03-02 21:00
Modified
2024-08-06 03:07
Severity ?
Summary
Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:07:32.088Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/f8877abac8e568b2f339cca70c2c3c1b6eaec288"
          },
          {
            "name": "openSUSE-SU-2017:0391",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
          },
          {
            "name": "95211",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95211"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410478"
          },
          {
            "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/63302366a63602acbaad5c8223a105811b2adddd"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-13T12:29:53",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/f8877abac8e568b2f339cca70c2c3c1b6eaec288"
        },
        {
          "name": "openSUSE-SU-2017:0391",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
        },
        {
          "name": "95211",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95211"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410478"
        },
        {
          "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/63302366a63602acbaad5c8223a105811b2adddd"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10064",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/f8877abac8e568b2f339cca70c2c3c1b6eaec288",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/f8877abac8e568b2f339cca70c2c3c1b6eaec288"
            },
            {
              "name": "openSUSE-SU-2017:0391",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
            },
            {
              "name": "95211",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95211"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410478",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410478"
            },
            {
              "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/63302366a63602acbaad5c8223a105811b2adddd",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/63302366a63602acbaad5c8223a105811b2adddd"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10064",
    "datePublished": "2017-03-02T21:00:00",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-08-06T03:07:32.088Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-10177
Vulnerability from cvelistv5
Published
2018-04-16 23:00
Modified
2024-08-05 07:32
Severity ?
Summary
In ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGImage function of the coders/png.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted mng file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:32:01.625Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1095"
          },
          {
            "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-04-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGImage function of the coders/png.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted mng file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-19T01:06:26",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1095"
        },
        {
          "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-10177",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGImage function of the coders/png.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted mng file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1095",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1095"
            },
            {
              "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-10177",
    "datePublished": "2018-04-16T23:00:00",
    "dateReserved": "2018-04-16T00:00:00",
    "dateUpdated": "2024-08-05T07:32:01.625Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14505
Vulnerability from cvelistv5
Published
2017-09-17 19:00
Modified
2024-08-05 19:27
Severity ?
Summary
DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Service (NULL pointer dereference and application crash in AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted Image File as input.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:27:40.734Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/716"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "100882",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100882"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Service (NULL pointer dereference and application crash in AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted Image File as input."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:15",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/716"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "100882",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100882"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14505",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Service (NULL pointer dereference and application crash in AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted Image File as input."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/716",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/716"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "100882",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100882"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14505",
    "datePublished": "2017-09-17T19:00:00",
    "dateReserved": "2017-09-17T00:00:00",
    "dateUpdated": "2024-08-05T19:27:40.734Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-20312
Vulnerability from cvelistv5
Published
2021-05-11 00:00
Modified
2024-08-03 17:37
Severity ?
Summary
A flaw was found in ImageMagick in versions 7.0.11, where an integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. The highest threat from this vulnerability is to system availability.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:37:23.585Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946742"
          },
          {
            "name": "[debian-lts-announce] 20210603 [SECURITY] [DLA 2672-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html"
          },
          {
            "name": "[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 7.0.11"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in ImageMagick in versions 7.0.11, where an integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. The highest threat from this vulnerability is to system availability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-22T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946742"
        },
        {
          "name": "[debian-lts-announce] 20210603 [SECURITY] [DLA 2672-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html"
        },
        {
          "name": "[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2021-20312",
    "datePublished": "2021-05-11T00:00:00",
    "dateReserved": "2020-12-17T00:00:00",
    "dateUpdated": "2024-08-03T17:37:23.585Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7525
Vulnerability from cvelistv5
Published
2017-04-20 18:00
Modified
2024-08-06 02:04
Severity ?
Summary
Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:04:54.481Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/98"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/5f16640725b1225e6337c62526e6577f0f88edb8"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378757"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537424"
          },
          {
            "name": "93131",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93131"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-21T09:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/98"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/5f16640725b1225e6337c62526e6577f0f88edb8"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378757"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537424"
        },
        {
          "name": "93131",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93131"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-7525",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/98",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/98"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/5f16640725b1225e6337c62526e6577f0f88edb8",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/5f16640725b1225e6337c62526e6577f0f88edb8"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378757",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378757"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537424",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537424"
            },
            {
              "name": "93131",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93131"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-7525",
    "datePublished": "2017-04-20T18:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T02:04:54.481Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-8352
Vulnerability from cvelistv5
Published
2017-04-30 17:00
Modified
2024-08-05 16:34
Severity ?
Summary
In ImageMagick 7.0.5-5, the ReadXWDImage function in xwd.c allows attackers to cause a denial of service (memory leak) via a crafted file.
References
http://www.securityfocus.com/bid/98372vdb-entry, x_refsource_BID
https://github.com/ImageMagick/ImageMagick/issues/452x_refsource_CONFIRM
http://www.debian.org/security/2017/dsa-3863vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:34:22.679Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "98372",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98372"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/452"
          },
          {
            "name": "DSA-3863",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3863"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-04-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-5, the ReadXWDImage function in xwd.c allows attackers to cause a denial of service (memory leak) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "98372",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98372"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/452"
        },
        {
          "name": "DSA-3863",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3863"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-8352",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-5, the ReadXWDImage function in xwd.c allows attackers to cause a denial of service (memory leak) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "98372",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98372"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/452",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/452"
            },
            {
              "name": "DSA-3863",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3863"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-8352",
    "datePublished": "2017-04-30T17:00:00",
    "dateReserved": "2017-04-30T00:00:00",
    "dateUpdated": "2024-08-05T16:34:22.679Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-13137
Vulnerability from cvelistv5
Published
2019-07-01 19:27
Modified
2024-08-04 23:41
Severity ?
Summary
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:41:10.509Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1601"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/35ccb468ee2dcbe8ce9cf1e2f1957acc27f54c34"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/7d11230060fa9c8f67e53c85224daf6648805c7b"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-01T11:06:09",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1601"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/35ccb468ee2dcbe8ce9cf1e2f1957acc27f54c34"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/7d11230060fa9c8f67e53c85224daf6648805c7b"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13137",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1601",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1601"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/35ccb468ee2dcbe8ce9cf1e2f1957acc27f54c34",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/35ccb468ee2dcbe8ce9cf1e2f1957acc27f54c34"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick6/commit/7d11230060fa9c8f67e53c85224daf6648805c7b",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick6/commit/7d11230060fa9c8f67e53c85224daf6648805c7b"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13137",
    "datePublished": "2019-07-01T19:27:56",
    "dateReserved": "2019-07-01T00:00:00",
    "dateUpdated": "2024-08-04T23:41:10.509Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-16640
Vulnerability from cvelistv5
Published
2018-09-06 22:00
Modified
2024-08-05 10:32
Severity ?
Summary
ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ReadOneJNGImage in coders/png.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T10:32:52.316Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1201"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/76efa969342568841ecf320b5a041685a6d24e0b"
          },
          {
            "name": "USN-3785-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3785-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-09-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ReadOneJNGImage in coders/png.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-05T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1201"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/76efa969342568841ecf320b5a041685a6d24e0b"
        },
        {
          "name": "USN-3785-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3785-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-16640",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ReadOneJNGImage in coders/png.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1201",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1201"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/76efa969342568841ecf320b5a041685a6d24e0b",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/76efa969342568841ecf320b5a041685a6d24e0b"
            },
            {
              "name": "USN-3785-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3785-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-16640",
    "datePublished": "2018-09-06T22:00:00",
    "dateReserved": "2018-09-06T00:00:00",
    "dateUpdated": "2024-08-05T10:32:52.316Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7526
Vulnerability from cvelistv5
Published
2017-04-20 18:00
Modified
2024-08-06 02:04
Severity ?
Summary
coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:04:54.506Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/102"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378758"
          },
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/bugs/1539050"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/b6ae2f9e0ab13343c0281732d479757a8e8979c7"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/d9b2209a69ee90d8df81fb124eb66f593eb9f599"
          },
          {
            "name": "93131",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93131"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/998c687fb83993c13fa711d75f59a95b38ceab77"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/b60d1ed0af37c50b91a40937825b4c61e8458095"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-13T12:43:39",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/102"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378758"
        },
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/bugs/1539050"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/b6ae2f9e0ab13343c0281732d479757a8e8979c7"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/d9b2209a69ee90d8df81fb124eb66f593eb9f599"
        },
        {
          "name": "93131",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93131"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/998c687fb83993c13fa711d75f59a95b38ceab77"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/b60d1ed0af37c50b91a40937825b4c61e8458095"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-7526",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/102",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/102"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378758",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378758"
            },
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "https://bugs.launchpad.net/bugs/1539050",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/bugs/1539050"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/b6ae2f9e0ab13343c0281732d479757a8e8979c7",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/b6ae2f9e0ab13343c0281732d479757a8e8979c7"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/d9b2209a69ee90d8df81fb124eb66f593eb9f599",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/d9b2209a69ee90d8df81fb124eb66f593eb9f599"
            },
            {
              "name": "93131",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93131"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/998c687fb83993c13fa711d75f59a95b38ceab77",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/998c687fb83993c13fa711d75f59a95b38ceab77"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/b60d1ed0af37c50b91a40937825b4c61e8458095",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/b60d1ed0af37c50b91a40937825b4c61e8458095"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-7526",
    "datePublished": "2017-04-20T18:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T02:04:54.506Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7524
Vulnerability from cvelistv5
Published
2020-02-06 13:37
Modified
2024-08-06 02:04
Severity ?
Summary
coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
Impacted products
ImageMagickImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:04:54.745Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/96"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537422"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378762"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/f8c318d462270b03e77f082e2a3a32867cacd3c6"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/97c9f438a9b3454d085895f4d1f66389fd22a0fb"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "ImageMagick",
          "versions": [
            {
              "status": "affected",
              "version": "before 7.0.1-0"
            }
          ]
        }
      ],
      "datePublic": "2016-01-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Other",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-06T13:37:34",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/96"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537422"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378762"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/f8c318d462270b03e77f082e2a3a32867cacd3c6"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/97c9f438a9b3454d085895f4d1f66389fd22a0fb"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-7524",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ImageMagick",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "before 7.0.1-0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "ImageMagick"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/96",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/96"
            },
            {
              "name": "http://www.openwall.com/lists/oss-security/2016/09/22/2",
              "refsource": "MISC",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537422",
              "refsource": "MISC",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537422"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378762",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378762"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/f8c318d462270b03e77f082e2a3a32867cacd3c6",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/f8c318d462270b03e77f082e2a3a32867cacd3c6"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/97c9f438a9b3454d085895f4d1f66389fd22a0fb",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/97c9f438a9b3454d085895f4d1f66389fd22a0fb"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-7524",
    "datePublished": "2020-02-06T13:37:34",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T02:04:54.745Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11310
Vulnerability from cvelistv5
Published
2017-07-13 18:00
Modified
2024-08-05 18:05
Severity ?
Summary
The read_user_chunk_callback function in coders\png.c in ImageMagick 7.0.6-1 Q16 2017-06-21 (beta) has memory leak vulnerabilities via crafted PNG files.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:05:30.584Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/8ca35831e91c3db8c6d281d09b605001003bec08"
          },
          {
            "name": "99585",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99585"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/517"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The read_user_chunk_callback function in coders\\png.c in ImageMagick 7.0.6-1 Q16 2017-06-21 (beta) has memory leak vulnerabilities via crafted PNG files."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-15T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/8ca35831e91c3db8c6d281d09b605001003bec08"
        },
        {
          "name": "99585",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99585"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/517"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11310",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The read_user_chunk_callback function in coders\\png.c in ImageMagick 7.0.6-1 Q16 2017-06-21 (beta) has memory leak vulnerabilities via crafted PNG files."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/8ca35831e91c3db8c6d281d09b605001003bec08",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/8ca35831e91c3db8c6d281d09b605001003bec08"
            },
            {
              "name": "99585",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99585"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/517",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/517"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11310",
    "datePublished": "2017-07-13T18:00:00",
    "dateReserved": "2017-07-13T00:00:00",
    "dateUpdated": "2024-08-05T18:05:30.584Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14625
Vulnerability from cvelistv5
Published
2017-09-21 05:00
Modified
2024-08-05 19:34
Severity ?
Summary
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_output_create in coders/sixel.c.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:34:39.450Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "100941",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100941"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/721"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_output_create in coders/sixel.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:15",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "100941",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100941"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/721"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14625",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_output_create in coders/sixel.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "100941",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100941"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/721",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/721"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14625",
    "datePublished": "2017-09-21T05:00:00",
    "dateReserved": "2017-09-21T00:00:00",
    "dateUpdated": "2024-08-05T19:34:39.450Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27767
Vulnerability from cvelistv5
Published
2020-12-04 00:00
Modified
2024-08-04 16:18
Severity ?
Summary
A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of types `float` and `unsigned char`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.680Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894687"
          },
          {
            "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 7.0.9-0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of types `float` and `unsigned char`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894687"
        },
        {
          "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27767",
    "datePublished": "2020-12-04T00:00:00",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.680Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2009-1882
Vulnerability from cvelistv5
Published
2009-06-02 15:00
Modified
2024-08-07 05:27
Severity ?
Summary
Integer overflow in the XMakeImage function in magick/xwindow.c in ImageMagick 6.5.2-8, and GraphicsMagick, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow. NOTE: some of these details are obtained from third party information.
References
http://osvdb.org/54729vdb-entry, x_refsource_OSVDB
http://wiki.rpath.com/Advisories:rPSA-2010-0074x_refsource_CONFIRM
http://security.gentoo.org/glsa/glsa-201311-10.xmlvendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/37959third-party-advisory, x_refsource_SECUNIA
http://www.openwall.com/lists/oss-security/2009/06/08/1mailing-list, x_refsource_MLIST
https://usn.ubuntu.com/784-1/vendor-advisory, x_refsource_UBUNTU
http://www.securityfocus.com/archive/1/514516/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://secunia.com/advisories/35382third-party-advisory, x_refsource_SECUNIA
http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033833.htmlvendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/55721third-party-advisory, x_refsource_SECUNIA
http://mirror1.smudge-it.co.uk/imagemagick/www/changelog.htmlx_refsource_CONFIRM
http://www.securityfocus.com/bid/35111vdb-entry, x_refsource_BID
http://imagemagick.org/script/changelog.phpx_refsource_CONFIRM
http://secunia.com/advisories/35685third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/35216third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2009/dsa-1858vendor-advisory, x_refsource_DEBIAN
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.htmlvendor-advisory, x_refsource_SUSE
http://www.vupen.com/english/advisories/2009/1449vdb-entry, x_refsource_VUPEN
http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033766.htmlvendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/36260third-party-advisory, x_refsource_SECUNIA
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:27:54.833Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "54729",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/54729"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0074"
          },
          {
            "name": "GLSA-201311-10",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201311-10.xml"
          },
          {
            "name": "37959",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37959"
          },
          {
            "name": "[oss-security] 20090608 Re: CVE Request -- ImageMagick -- Integer overflow in XMakeImage()",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/06/08/1"
          },
          {
            "name": "USN-784-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/784-1/"
          },
          {
            "name": "20101027 rPSA-2010-0074-1 ImageMagick",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/514516/100/0/threaded"
          },
          {
            "name": "35382",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35382"
          },
          {
            "name": "FEDORA-2010-0001",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033833.html"
          },
          {
            "name": "55721",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/55721"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://mirror1.smudge-it.co.uk/imagemagick/www/changelog.html"
          },
          {
            "name": "35111",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/35111"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://imagemagick.org/script/changelog.php"
          },
          {
            "name": "35685",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35685"
          },
          {
            "name": "35216",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35216"
          },
          {
            "name": "DSA-1858",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1858"
          },
          {
            "name": "SUSE-SR:2009:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
          },
          {
            "name": "ADV-2009-1449",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1449"
          },
          {
            "name": "FEDORA-2010-0036",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033766.html"
          },
          {
            "name": "36260",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36260"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-05-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the XMakeImage function in magick/xwindow.c in ImageMagick 6.5.2-8, and GraphicsMagick, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow.  NOTE: some of these details are obtained from third party information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "54729",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/54729"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0074"
        },
        {
          "name": "GLSA-201311-10",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201311-10.xml"
        },
        {
          "name": "37959",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37959"
        },
        {
          "name": "[oss-security] 20090608 Re: CVE Request -- ImageMagick -- Integer overflow in XMakeImage()",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/06/08/1"
        },
        {
          "name": "USN-784-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/784-1/"
        },
        {
          "name": "20101027 rPSA-2010-0074-1 ImageMagick",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/514516/100/0/threaded"
        },
        {
          "name": "35382",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35382"
        },
        {
          "name": "FEDORA-2010-0001",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033833.html"
        },
        {
          "name": "55721",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/55721"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://mirror1.smudge-it.co.uk/imagemagick/www/changelog.html"
        },
        {
          "name": "35111",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/35111"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://imagemagick.org/script/changelog.php"
        },
        {
          "name": "35685",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35685"
        },
        {
          "name": "35216",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35216"
        },
        {
          "name": "DSA-1858",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1858"
        },
        {
          "name": "SUSE-SR:2009:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
        },
        {
          "name": "ADV-2009-1449",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1449"
        },
        {
          "name": "FEDORA-2010-0036",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033766.html"
        },
        {
          "name": "36260",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36260"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-1882",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the XMakeImage function in magick/xwindow.c in ImageMagick 6.5.2-8, and GraphicsMagick, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow.  NOTE: some of these details are obtained from third party information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "54729",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/54729"
            },
            {
              "name": "http://wiki.rpath.com/Advisories:rPSA-2010-0074",
              "refsource": "CONFIRM",
              "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0074"
            },
            {
              "name": "GLSA-201311-10",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201311-10.xml"
            },
            {
              "name": "37959",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/37959"
            },
            {
              "name": "[oss-security] 20090608 Re: CVE Request -- ImageMagick -- Integer overflow in XMakeImage()",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2009/06/08/1"
            },
            {
              "name": "USN-784-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/784-1/"
            },
            {
              "name": "20101027 rPSA-2010-0074-1 ImageMagick",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/514516/100/0/threaded"
            },
            {
              "name": "35382",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35382"
            },
            {
              "name": "FEDORA-2010-0001",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033833.html"
            },
            {
              "name": "55721",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/55721"
            },
            {
              "name": "http://mirror1.smudge-it.co.uk/imagemagick/www/changelog.html",
              "refsource": "CONFIRM",
              "url": "http://mirror1.smudge-it.co.uk/imagemagick/www/changelog.html"
            },
            {
              "name": "35111",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/35111"
            },
            {
              "name": "http://imagemagick.org/script/changelog.php",
              "refsource": "CONFIRM",
              "url": "http://imagemagick.org/script/changelog.php"
            },
            {
              "name": "35685",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35685"
            },
            {
              "name": "35216",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35216"
            },
            {
              "name": "DSA-1858",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1858"
            },
            {
              "name": "SUSE-SR:2009:012",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
            },
            {
              "name": "ADV-2009-1449",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1449"
            },
            {
              "name": "FEDORA-2010-0036",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033766.html"
            },
            {
              "name": "36260",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36260"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-1882",
    "datePublished": "2009-06-02T15:00:00",
    "dateReserved": "2009-06-02T00:00:00",
    "dateUpdated": "2024-08-07T05:27:54.833Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12565
Vulnerability from cvelistv5
Published
2017-08-05 18:00
Modified
2024-08-05 18:43
Severity ?
Summary
In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attackers to cause a denial of service.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:56.320Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "100156",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100156"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/602"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attackers to cause a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-08T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "100156",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100156"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/602"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12565",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attackers to cause a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "100156",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100156"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/602",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/602"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12565",
    "datePublished": "2017-08-05T18:00:00",
    "dateReserved": "2017-08-05T00:00:00",
    "dateUpdated": "2024-08-05T18:43:56.320Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-9261
Vulnerability from cvelistv5
Published
2017-05-29 03:52
Modified
2024-08-05 17:02
Severity ?
Summary
In ImageMagick 7.0.5-6 Q16, the ReadMNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:02:43.383Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "98730",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98730"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/476"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-05-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-6 Q16, the ReadMNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-05-30T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "98730",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98730"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/476"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-9261",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-6 Q16, the ReadMNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "98730",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98730"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/476",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/476"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-9261",
    "datePublished": "2017-05-29T03:52:00",
    "dateReserved": "2017-05-28T00:00:00",
    "dateUpdated": "2024-08-05T17:02:43.383Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-5687
Vulnerability from cvelistv5
Published
2016-12-13 15:00
Modified
2024-08-06 01:08
Severity ?
Summary
The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4 allows remote attackers to have unspecified impact via a crafted DDS file, which triggers an out-of-bounds read.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:08:00.479Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "91283",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91283"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG%2C-DDS%2C-DCM.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
          },
          {
            "name": "[oss-security] 20160617 Re: Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/17/3"
          },
          {
            "name": "[oss-security] 20160614 Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/14/5"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4 allows remote attackers to have unspecified impact via a crafted DDS file, which triggers an out-of-bounds read."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-13T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "91283",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/91283"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG%2C-DDS%2C-DCM.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
        },
        {
          "name": "[oss-security] 20160617 Re: Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/17/3"
        },
        {
          "name": "[oss-security] 20160614 Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/14/5"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-5687",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4 allows remote attackers to have unspecified impact via a crafted DDS file, which triggers an out-of-bounds read."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "91283",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/91283"
            },
            {
              "name": "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG,-DDS,-DCM.html",
              "refsource": "MISC",
              "url": "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG,-DDS,-DCM.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
            },
            {
              "name": "[oss-security] 20160617 Re: Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/17/3"
            },
            {
              "name": "[oss-security] 20160614 Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/14/5"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-5687",
    "datePublished": "2016-12-13T15:00:00",
    "dateReserved": "2016-06-16T00:00:00",
    "dateUpdated": "2024-08-06T01:08:00.479Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27755
Vulnerability from cvelistv5
Published
2020-12-08 21:57
Modified
2024-08-04 16:18
Severity ?
Summary
in SetImageExtent() of /MagickCore/image.c, an incorrect image depth size can cause a memory leak because the code which checks for the proper image depth size does not reset the size in the event there is an invalid size. The patch resets the depth to a proper size before throwing an exception. The memory leak can be triggered by a crafted input file that is processed by ImageMagick and could cause an impact to application reliability, such as denial of service. This flaw affects ImageMagick versions prior to 7.0.9-0.
References
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.546Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894232"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "prior to 7.0.9-0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "in SetImageExtent() of /MagickCore/image.c, an incorrect image depth size can cause a memory leak because the code which checks for the proper image depth size does not reset the size in the event there is an invalid size. The patch resets the depth to a proper size before throwing an exception. The memory leak can be triggered by a crafted input file that is processed by ImageMagick and could cause an impact to application reliability, such as denial of service. This flaw affects ImageMagick versions prior to 7.0.9-0."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-401",
              "description": "CWE-401",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-12-08T21:57:25",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894232"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2020-27755",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ImageMagick",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "prior to 7.0.9-0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "in SetImageExtent() of /MagickCore/image.c, an incorrect image depth size can cause a memory leak because the code which checks for the proper image depth size does not reset the size in the event there is an invalid size. The patch resets the depth to a proper size before throwing an exception. The memory leak can be triggered by a crafted input file that is processed by ImageMagick and could cause an impact to application reliability, such as denial of service. This flaw affects ImageMagick versions prior to 7.0.9-0."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-401"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1894232",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894232"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27755",
    "datePublished": "2020-12-08T21:57:25",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.546Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-3715
Vulnerability from cvelistv5
Published
2016-05-05 18:00
Modified
2024-08-06 00:03
Severity ?
Summary
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
References
http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLogx_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.htmlvendor-advisory, x_refsource_SUSE
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.htmlx_refsource_CONFIRM
https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.htmlvendor-advisory, x_refsource_SUSE
http://www.ubuntu.com/usn/USN-2990-1vendor-advisory, x_refsource_UBUNTU
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.htmlvendor-advisory, x_refsource_SUSE
http://www.securityfocus.com/archive/1/538378/100/0/threadedmailing-list, x_refsource_BUGTRAQ
https://www.exploit-db.com/exploits/39767/exploit, x_refsource_EXPLOIT-DB
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.htmlvendor-advisory, x_refsource_SUSE
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.htmlx_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2016/05/03/18mailing-list, x_refsource_MLIST
http://www.debian.org/security/2016/dsa-3746vendor-advisory, x_refsource_DEBIAN
https://security.gentoo.org/glsa/201611-21vendor-advisory, x_refsource_GENTOO
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.htmlvendor-advisory, x_refsource_SUSE
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568vendor-advisory, x_refsource_SLACKWARE
https://www.imagemagick.org/script/changelog.phpx_refsource_CONFIRM
http://www.debian.org/security/2016/dsa-3580vendor-advisory, x_refsource_DEBIAN
http://rhn.redhat.com/errata/RHSA-2016-0726.htmlvendor-advisory, x_refsource_REDHAT
http://www.securityfocus.com/bid/89852vdb-entry, x_refsource_BID
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:03:34.450Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog"
          },
          {
            "name": "openSUSE-SU-2016:1266",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=29588"
          },
          {
            "name": "openSUSE-SU-2016:1326",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html"
          },
          {
            "name": "USN-2990-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2990-1"
          },
          {
            "name": "openSUSE-SU-2016:1261",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html"
          },
          {
            "name": "20160513 May 2016 - HipChat Server - Critical Security Advisory",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/538378/100/0/threaded"
          },
          {
            "name": "39767",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/39767/"
          },
          {
            "name": "SUSE-SU-2016:1260",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
          },
          {
            "name": "[oss-security] 20160504 Re: ImageMagick Is On Fire -- CVE-2016-3714",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/05/03/18"
          },
          {
            "name": "DSA-3746",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3746"
          },
          {
            "name": "GLSA-201611-21",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201611-21"
          },
          {
            "name": "SUSE-SU-2016:1275",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html"
          },
          {
            "name": "SSA:2016-132-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.440568"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.imagemagick.org/script/changelog.php"
          },
          {
            "name": "DSA-3580",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3580"
          },
          {
            "name": "RHSA-2016:0726",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-0726.html"
          },
          {
            "name": "89852",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/89852"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-05-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-09T18:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog"
        },
        {
          "name": "openSUSE-SU-2016:1266",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=29588"
        },
        {
          "name": "openSUSE-SU-2016:1326",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html"
        },
        {
          "name": "USN-2990-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2990-1"
        },
        {
          "name": "openSUSE-SU-2016:1261",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html"
        },
        {
          "name": "20160513 May 2016 - HipChat Server - Critical Security Advisory",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/538378/100/0/threaded"
        },
        {
          "name": "39767",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/39767/"
        },
        {
          "name": "SUSE-SU-2016:1260",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
        },
        {
          "name": "[oss-security] 20160504 Re: ImageMagick Is On Fire -- CVE-2016-3714",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/05/03/18"
        },
        {
          "name": "DSA-3746",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3746"
        },
        {
          "name": "GLSA-201611-21",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201611-21"
        },
        {
          "name": "SUSE-SU-2016:1275",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html"
        },
        {
          "name": "SSA:2016-132-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.440568"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.imagemagick.org/script/changelog.php"
        },
        {
          "name": "DSA-3580",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3580"
        },
        {
          "name": "RHSA-2016:0726",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-0726.html"
        },
        {
          "name": "89852",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/89852"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2016-3715",
    "datePublished": "2016-05-05T18:00:00",
    "dateReserved": "2016-03-30T00:00:00",
    "dateUpdated": "2024-08-06T00:03:34.450Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-13062
Vulnerability from cvelistv5
Published
2017-08-22 06:00
Modified
2024-08-05 18:58
Severity ?
Summary
In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function formatIPTC in coders/meta.c, which allows attackers to cause a denial of service (WriteMETAImage memory consumption) via a crafted file.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://security.gentoo.org/glsa/201711-07vendor-advisory, x_refsource_GENTOO
https://github.com/ImageMagick/ImageMagick/issues/669x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:12.408Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/669"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function formatIPTC in coders/meta.c, which allows attackers to cause a denial of service (WriteMETAImage memory consumption) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/669"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-13062",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function formatIPTC in coders/meta.c, which allows attackers to cause a denial of service (WriteMETAImage memory consumption) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/669",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/669"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-13062",
    "datePublished": "2017-08-22T06:00:00",
    "dateReserved": "2017-08-22T00:00:00",
    "dateUpdated": "2024-08-05T18:58:12.408Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-3428
Vulnerability from cvelistv5
Published
2023-10-04 18:02
Modified
2024-08-20 14:47
Summary
Imagemagick: heap-buffer-overflow in coders/tiff.c
References
https://access.redhat.com/security/cve/CVE-2023-3428vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2218369issue-tracking, x_refsource_REDHAT
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-3428",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-09T15:44:06.374854Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-09T15:44:26.084Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T06:55:03.221Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-3428"
          },
          {
            "name": "RHBZ#2218369",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218369"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "ImageMagick",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "ImageMagick",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Hardik shah of Vehere (Dawn Treaders team) for reporting this issue."
        }
      ],
      "datePublic": "2023-06-27T00:00:00+00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A heap-based buffer overflow vulnerability was found  in coders/tiff.c in ImageMagick. This issue may allow a local attacker to trick the user into opening a specially crafted file, resulting in an application crash and denial of service."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-20T14:47:07.687Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-3428"
        },
        {
          "name": "RHBZ#2218369",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218369"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-06-27T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-06-27T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Imagemagick: heap-buffer-overflow in coders/tiff.c",
      "x_redhatCweChain": "CWE-122: Heap-based Buffer Overflow"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-3428",
    "datePublished": "2023-10-04T18:02:23.724Z",
    "dateReserved": "2023-06-27T12:45:42.917Z",
    "dateUpdated": "2024-08-20T14:47:07.687Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-1097
Vulnerability from cvelistv5
Published
2008-03-05 20:00
Modified
2024-08-07 08:08
Severity ?
Summary
Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in (1) ImageMagick 6.2.4-5 and 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .pcx file that triggers incorrect memory allocation for the scanline array, leading to memory corruption.
References
http://security.gentoo.org/glsa/glsa-201311-10.xmlvendor-advisory, x_refsource_GENTOO
http://www.securityfocus.com/bid/28822vdb-entry, x_refsource_BID
https://bugzilla.redhat.com/show_bug.cgi?id=285861x_refsource_MISC
http://secunia.com/advisories/29857third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2008-0145.htmlvendor-advisory, x_refsource_REDHAT
http://osvdb.org/43213vdb-entry, x_refsource_OSVDB
http://www.securitytracker.com/id?1019881vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/55721third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/29786third-party-advisory, x_refsource_SECUNIA
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413034x_refsource_CONFIRM
http://secunia.com/advisories/30967third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11237vdb-entry, signature, x_refsource_OVAL
http://www.redhat.com/support/errata/RHSA-2008-0165.htmlvendor-advisory, x_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.htmlvendor-advisory, x_refsource_SUSE
http://www.mandriva.com/security/advisories?name=MDVSA-2008:099vendor-advisory, x_refsource_MANDRIVA
http://www.debian.org/security/2009/dsa-1858vendor-advisory, x_refsource_DEBIAN
https://exchange.xforce.ibmcloud.com/vulnerabilities/41193vdb-entry, x_refsource_XF
http://secunia.com/advisories/36260third-party-advisory, x_refsource_SECUNIA
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:08:57.599Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201311-10",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201311-10.xml"
          },
          {
            "name": "28822",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28822"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=285861"
          },
          {
            "name": "29857",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29857"
          },
          {
            "name": "RHSA-2008:0145",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0145.html"
          },
          {
            "name": "43213",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/43213"
          },
          {
            "name": "1019881",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019881"
          },
          {
            "name": "55721",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/55721"
          },
          {
            "name": "29786",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29786"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413034"
          },
          {
            "name": "30967",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30967"
          },
          {
            "name": "oval:org.mitre.oval:def:11237",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11237"
          },
          {
            "name": "RHSA-2008:0165",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0165.html"
          },
          {
            "name": "SUSE-SR:2008:014",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html"
          },
          {
            "name": "MDVSA-2008:099",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:099"
          },
          {
            "name": "DSA-1858",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1858"
          },
          {
            "name": "imagemagick-readpcximage-bo(41193)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41193"
          },
          {
            "name": "36260",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36260"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-03-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in (1) ImageMagick 6.2.4-5 and 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .pcx file that triggers incorrect memory allocation for the scanline array, leading to memory corruption."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "GLSA-201311-10",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201311-10.xml"
        },
        {
          "name": "28822",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28822"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=285861"
        },
        {
          "name": "29857",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29857"
        },
        {
          "name": "RHSA-2008:0145",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0145.html"
        },
        {
          "name": "43213",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/43213"
        },
        {
          "name": "1019881",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019881"
        },
        {
          "name": "55721",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/55721"
        },
        {
          "name": "29786",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29786"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413034"
        },
        {
          "name": "30967",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30967"
        },
        {
          "name": "oval:org.mitre.oval:def:11237",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11237"
        },
        {
          "name": "RHSA-2008:0165",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0165.html"
        },
        {
          "name": "SUSE-SR:2008:014",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html"
        },
        {
          "name": "MDVSA-2008:099",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:099"
        },
        {
          "name": "DSA-1858",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1858"
        },
        {
          "name": "imagemagick-readpcximage-bo(41193)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41193"
        },
        {
          "name": "36260",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36260"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-1097",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in (1) ImageMagick 6.2.4-5 and 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .pcx file that triggers incorrect memory allocation for the scanline array, leading to memory corruption."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-201311-10",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201311-10.xml"
            },
            {
              "name": "28822",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28822"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=285861",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=285861"
            },
            {
              "name": "29857",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29857"
            },
            {
              "name": "RHSA-2008:0145",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0145.html"
            },
            {
              "name": "43213",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/43213"
            },
            {
              "name": "1019881",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1019881"
            },
            {
              "name": "55721",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/55721"
            },
            {
              "name": "29786",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29786"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413034",
              "refsource": "CONFIRM",
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413034"
            },
            {
              "name": "30967",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30967"
            },
            {
              "name": "oval:org.mitre.oval:def:11237",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11237"
            },
            {
              "name": "RHSA-2008:0165",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0165.html"
            },
            {
              "name": "SUSE-SR:2008:014",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html"
            },
            {
              "name": "MDVSA-2008:099",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:099"
            },
            {
              "name": "DSA-1858",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1858"
            },
            {
              "name": "imagemagick-readpcximage-bo(41193)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41193"
            },
            {
              "name": "36260",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36260"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-1097",
    "datePublished": "2008-03-05T20:00:00",
    "dateReserved": "2008-02-28T00:00:00",
    "dateUpdated": "2024-08-07T08:08:57.599Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-34152
Vulnerability from cvelistv5
Published
2023-05-30 00:00
Modified
2024-08-02 16:01
Severity ?
Summary
A vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in OpenBlob with --enable-pipes configured.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T16:01:54.159Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/6339"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-34152"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2210659"
          },
          {
            "name": "FEDORA-2023-d53831b69d",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V/"
          },
          {
            "name": "FEDORA-2023-edbdccae2a",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick-6.7"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in OpenBlob with --enable-pipes configured."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-31T02:07:18.551449",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://github.com/ImageMagick/ImageMagick/issues/6339"
        },
        {
          "url": "https://access.redhat.com/security/cve/CVE-2023-34152"
        },
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2210659"
        },
        {
          "name": "FEDORA-2023-d53831b69d",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V/"
        },
        {
          "name": "FEDORA-2023-edbdccae2a",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-34152",
    "datePublished": "2023-05-30T00:00:00",
    "dateReserved": "2023-05-29T00:00:00",
    "dateUpdated": "2024-08-02T16:01:54.159Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10056
Vulnerability from cvelistv5
Published
2017-03-23 17:00
Modified
2024-08-06 03:07
Severity ?
Summary
Buffer overflow in the sixel_decode function in coders/sixel.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:07:32.096Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410465"
          },
          {
            "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
          },
          {
            "name": "95190",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95190"
          },
          {
            "name": "95191",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95191"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/eedd0c35bb2d8af7aa05f215689fdebd11633fa1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the sixel_decode function in coders/sixel.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-14T20:52:04",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410465"
        },
        {
          "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
        },
        {
          "name": "95190",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95190"
        },
        {
          "name": "95191",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95191"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/eedd0c35bb2d8af7aa05f215689fdebd11633fa1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10056",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the sixel_decode function in coders/sixel.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410465",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410465"
            },
            {
              "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
            },
            {
              "name": "95190",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95190"
            },
            {
              "name": "95191",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95191"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/eedd0c35bb2d8af7aa05f215689fdebd11633fa1",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/eedd0c35bb2d8af7aa05f215689fdebd11633fa1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10056",
    "datePublished": "2017-03-23T17:00:00",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-08-06T03:07:32.096Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9821
Vulnerability from cvelistv5
Published
2017-03-30 15:00
Modified
2024-08-06 13:55
Severity ?
Summary
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.523Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=0a89a1ccca6e7ee059b73f5cc924513383e8a330"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343477"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-30T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=0a89a1ccca6e7ee059b73f5cc924513383e8a330"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343477"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9821",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=0a89a1ccca6e7ee059b73f5cc924513383e8a330",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=0a89a1ccca6e7ee059b73f5cc924513383e8a330"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343477",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343477"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9821",
    "datePublished": "2017-03-30T15:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.523Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11754
Vulnerability from cvelistv5
Published
2017-07-30 18:00
Modified
2024-08-05 18:19
Severity ?
Summary
The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an OpenPixelCache call.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:19:39.011Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/633"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an OpenPixelCache call."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-30T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/633"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11754",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an OpenPixelCache call."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/633",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/633"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11754",
    "datePublished": "2017-07-30T18:00:00",
    "dateReserved": "2017-07-30T00:00:00",
    "dateUpdated": "2024-08-05T18:19:39.011Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-17499
Vulnerability from cvelistv5
Published
2017-12-11 02:00
Modified
2024-08-05 20:51
Severity ?
Summary
ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T20:51:31.642Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "DSA-4074",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4074"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/dd96d671e4d5ae22c6894c302e8996c13f24c45a"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/8c35502217c1879cb8257c617007282eee3fe1cc"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=33078\u0026sid=5fbb164c3830293138917f9b14264ed1"
          },
          {
            "name": "102155",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102155"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "DSA-4074",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4074"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/dd96d671e4d5ae22c6894c302e8996c13f24c45a"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/8c35502217c1879cb8257c617007282eee3fe1cc"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=33078\u0026sid=5fbb164c3830293138917f9b14264ed1"
        },
        {
          "name": "102155",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102155"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17499",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "DSA-4074",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4074"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/dd96d671e4d5ae22c6894c302e8996c13f24c45a",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/dd96d671e4d5ae22c6894c302e8996c13f24c45a"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/8c35502217c1879cb8257c617007282eee3fe1cc",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/8c35502217c1879cb8257c617007282eee3fe1cc"
            },
            {
              "name": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=33078\u0026sid=5fbb164c3830293138917f9b14264ed1",
              "refsource": "CONFIRM",
              "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=33078\u0026sid=5fbb164c3830293138917f9b14264ed1"
            },
            {
              "name": "102155",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102155"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17499",
    "datePublished": "2017-12-11T02:00:00",
    "dateReserved": "2017-12-10T00:00:00",
    "dateUpdated": "2024-08-05T20:51:31.642Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-1667
Vulnerability from cvelistv5
Published
2007-03-24 21:00
Modified
2024-08-07 13:06
Severity ?
Summary
Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow.
References
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102888-1vendor-advisory, x_refsource_SUNALERT
http://support.avaya.com/elmodocs2/security/ASA-2007-176.htmx_refsource_CONFIRM
http://secunia.com/advisories/24745third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/33937third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/24771third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/24756third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2007-0126.htmlvendor-advisory, x_refsource_REDHAT
http://www.securityfocus.com/bid/23300vdb-entry, x_refsource_BID
http://support.apple.com/kb/HT3438x_refsource_CONFIRM
http://secunia.com/advisories/24739third-party-advisory, x_refsource_SECUNIA
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.htmlvendor-advisory, x_refsource_APPLE
http://security.gentoo.org/glsa/glsa-200705-06.xmlvendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/24758third-party-advisory, x_refsource_SECUNIA
http://www.ubuntu.com/usn/usn-453-1vendor-advisory, x_refsource_UBUNTU
http://www.ubuntu.com/usn/usn-481-1vendor-advisory, x_refsource_UBUNTU
https://issues.rpath.com/browse/RPL-1211x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2007-0125.htmlvendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/24741third-party-advisory, x_refsource_SECUNIA
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414045x_refsource_CONFIRM
http://secunia.com/advisories/25992third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/26177third-party-advisory, x_refsource_SECUNIA
http://www.ubuntu.com/usn/usn-453-2vendor-advisory, x_refsource_UBUNTU
http://www.vupen.com/english/advisories/2007/1531vdb-entry, x_refsource_VUPEN
http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.htmlmailing-list, x_refsource_MLIST
http://secunia.com/advisories/24791third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/24975third-party-advisory, x_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2007_27_x.htmlvendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/30161third-party-advisory, x_refsource_SECUNIA
http://www.gentoo.org/security/en/glsa/glsa-200805-07.xmlvendor-advisory, x_refsource_GENTOO
http://www.debian.org/security/2007/dsa-1294vendor-advisory, x_refsource_DEBIAN
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=231684x_refsource_CONFIRM
http://www.securitytracker.com/id?1017864vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/24765third-party-advisory, x_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2007_8_sr.htmlvendor-advisory, x_refsource_SUSE
http://www.securityfocus.com/archive/1/464686/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/464816/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://secunia.com/advisories/25131third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2009/dsa-1858vendor-advisory, x_refsource_DEBIAN
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9776vdb-entry, signature, x_refsource_OVAL
http://secunia.com/advisories/24953third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/1217vdb-entry, x_refsource_VUPEN
http://www.openbsd.org/errata40.html#011_xorgvendor-advisory, x_refsource_OPENBSD
https://issues.rpath.com/browse/RPL-1213x_refsource_CONFIRM
http://secunia.com/advisories/25004third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:147vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/25305third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1693vdb-entry, signature, x_refsource_OVAL
http://secunia.com/advisories/25072third-party-advisory, x_refsource_SECUNIA
http://www.openbsd.org/errata39.html#021_xorgvendor-advisory, x_refsource_OPENBSD
http://secunia.com/advisories/25112third-party-advisory, x_refsource_SECUNIA
http://issues.foresightlinux.org/browse/FL-223x_refsource_CONFIRM
http://secunia.com/advisories/36260third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2007-0157.htmlvendor-advisory, x_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDKSA-2007:079vendor-advisory, x_refsource_MANDRIVA
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:06:25.712Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "102888",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102888-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-176.htm"
          },
          {
            "name": "24745",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24745"
          },
          {
            "name": "33937",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33937"
          },
          {
            "name": "24771",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24771"
          },
          {
            "name": "24756",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24756"
          },
          {
            "name": "RHSA-2007:0126",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
          },
          {
            "name": "23300",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/23300"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3438"
          },
          {
            "name": "24739",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24739"
          },
          {
            "name": "APPLE-SA-2009-02-12",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
          },
          {
            "name": "GLSA-200705-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200705-06.xml"
          },
          {
            "name": "24758",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24758"
          },
          {
            "name": "USN-453-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-453-1"
          },
          {
            "name": "USN-481-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-481-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1211"
          },
          {
            "name": "RHSA-2007:0125",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
          },
          {
            "name": "24741",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24741"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414045"
          },
          {
            "name": "25992",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25992"
          },
          {
            "name": "26177",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26177"
          },
          {
            "name": "USN-453-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-453-2"
          },
          {
            "name": "ADV-2007-1531",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1531"
          },
          {
            "name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
          },
          {
            "name": "24791",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24791"
          },
          {
            "name": "24975",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24975"
          },
          {
            "name": "SUSE-SA:2007:027",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
          },
          {
            "name": "30161",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30161"
          },
          {
            "name": "GLSA-200805-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
          },
          {
            "name": "DSA-1294",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1294"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=231684"
          },
          {
            "name": "1017864",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1017864"
          },
          {
            "name": "24765",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24765"
          },
          {
            "name": "SUSE-SR:2007:008",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_8_sr.html"
          },
          {
            "name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
          },
          {
            "name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
          },
          {
            "name": "25131",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25131"
          },
          {
            "name": "DSA-1858",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1858"
          },
          {
            "name": "oval:org.mitre.oval:def:9776",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9776"
          },
          {
            "name": "24953",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24953"
          },
          {
            "name": "ADV-2007-1217",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1217"
          },
          {
            "name": "[4.0] 011: SECURITY FIX: April 4, 2007",
            "tags": [
              "vendor-advisory",
              "x_refsource_OPENBSD",
              "x_transferred"
            ],
            "url": "http://www.openbsd.org/errata40.html#011_xorg"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1213"
          },
          {
            "name": "25004",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25004"
          },
          {
            "name": "MDKSA-2007:147",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:147"
          },
          {
            "name": "25305",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25305"
          },
          {
            "name": "oval:org.mitre.oval:def:1693",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1693"
          },
          {
            "name": "25072",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25072"
          },
          {
            "name": "[3.9] 021: SECURITY FIX: April 4, 2007",
            "tags": [
              "vendor-advisory",
              "x_refsource_OPENBSD",
              "x_transferred"
            ],
            "url": "http://www.openbsd.org/errata39.html#021_xorg"
          },
          {
            "name": "25112",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25112"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://issues.foresightlinux.org/browse/FL-223"
          },
          {
            "name": "36260",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36260"
          },
          {
            "name": "RHSA-2007:0157",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0157.html"
          },
          {
            "name": "MDKSA-2007:079",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-03-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "102888",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102888-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-176.htm"
        },
        {
          "name": "24745",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24745"
        },
        {
          "name": "33937",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33937"
        },
        {
          "name": "24771",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24771"
        },
        {
          "name": "24756",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24756"
        },
        {
          "name": "RHSA-2007:0126",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
        },
        {
          "name": "23300",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/23300"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3438"
        },
        {
          "name": "24739",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24739"
        },
        {
          "name": "APPLE-SA-2009-02-12",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
        },
        {
          "name": "GLSA-200705-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200705-06.xml"
        },
        {
          "name": "24758",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24758"
        },
        {
          "name": "USN-453-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-453-1"
        },
        {
          "name": "USN-481-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-481-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1211"
        },
        {
          "name": "RHSA-2007:0125",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
        },
        {
          "name": "24741",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24741"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414045"
        },
        {
          "name": "25992",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25992"
        },
        {
          "name": "26177",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26177"
        },
        {
          "name": "USN-453-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-453-2"
        },
        {
          "name": "ADV-2007-1531",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1531"
        },
        {
          "name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
        },
        {
          "name": "24791",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24791"
        },
        {
          "name": "24975",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24975"
        },
        {
          "name": "SUSE-SA:2007:027",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
        },
        {
          "name": "30161",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30161"
        },
        {
          "name": "GLSA-200805-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
        },
        {
          "name": "DSA-1294",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1294"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=231684"
        },
        {
          "name": "1017864",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1017864"
        },
        {
          "name": "24765",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24765"
        },
        {
          "name": "SUSE-SR:2007:008",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_8_sr.html"
        },
        {
          "name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
        },
        {
          "name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
        },
        {
          "name": "25131",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25131"
        },
        {
          "name": "DSA-1858",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1858"
        },
        {
          "name": "oval:org.mitre.oval:def:9776",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9776"
        },
        {
          "name": "24953",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24953"
        },
        {
          "name": "ADV-2007-1217",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1217"
        },
        {
          "name": "[4.0] 011: SECURITY FIX: April 4, 2007",
          "tags": [
            "vendor-advisory",
            "x_refsource_OPENBSD"
          ],
          "url": "http://www.openbsd.org/errata40.html#011_xorg"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1213"
        },
        {
          "name": "25004",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25004"
        },
        {
          "name": "MDKSA-2007:147",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:147"
        },
        {
          "name": "25305",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25305"
        },
        {
          "name": "oval:org.mitre.oval:def:1693",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1693"
        },
        {
          "name": "25072",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25072"
        },
        {
          "name": "[3.9] 021: SECURITY FIX: April 4, 2007",
          "tags": [
            "vendor-advisory",
            "x_refsource_OPENBSD"
          ],
          "url": "http://www.openbsd.org/errata39.html#021_xorg"
        },
        {
          "name": "25112",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25112"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://issues.foresightlinux.org/browse/FL-223"
        },
        {
          "name": "36260",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36260"
        },
        {
          "name": "RHSA-2007:0157",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0157.html"
        },
        {
          "name": "MDKSA-2007:079",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2007-1667",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "102888",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102888-1"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-176.htm",
              "refsource": "CONFIRM",
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-176.htm"
            },
            {
              "name": "24745",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24745"
            },
            {
              "name": "33937",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33937"
            },
            {
              "name": "24771",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24771"
            },
            {
              "name": "24756",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24756"
            },
            {
              "name": "RHSA-2007:0126",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
            },
            {
              "name": "23300",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/23300"
            },
            {
              "name": "http://support.apple.com/kb/HT3438",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT3438"
            },
            {
              "name": "24739",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24739"
            },
            {
              "name": "APPLE-SA-2009-02-12",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
            },
            {
              "name": "GLSA-200705-06",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200705-06.xml"
            },
            {
              "name": "24758",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24758"
            },
            {
              "name": "USN-453-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-453-1"
            },
            {
              "name": "USN-481-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-481-1"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1211",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1211"
            },
            {
              "name": "RHSA-2007:0125",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
            },
            {
              "name": "24741",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24741"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414045",
              "refsource": "CONFIRM",
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414045"
            },
            {
              "name": "25992",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25992"
            },
            {
              "name": "26177",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26177"
            },
            {
              "name": "USN-453-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-453-2"
            },
            {
              "name": "ADV-2007-1531",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1531"
            },
            {
              "name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont",
              "refsource": "MLIST",
              "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
            },
            {
              "name": "24791",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24791"
            },
            {
              "name": "24975",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24975"
            },
            {
              "name": "SUSE-SA:2007:027",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
            },
            {
              "name": "30161",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30161"
            },
            {
              "name": "GLSA-200805-07",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
            },
            {
              "name": "DSA-1294",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2007/dsa-1294"
            },
            {
              "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=231684",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=231684"
            },
            {
              "name": "1017864",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1017864"
            },
            {
              "name": "24765",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24765"
            },
            {
              "name": "SUSE-SR:2007:008",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_8_sr.html"
            },
            {
              "name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
            },
            {
              "name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
            },
            {
              "name": "25131",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25131"
            },
            {
              "name": "DSA-1858",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1858"
            },
            {
              "name": "oval:org.mitre.oval:def:9776",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9776"
            },
            {
              "name": "24953",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24953"
            },
            {
              "name": "ADV-2007-1217",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1217"
            },
            {
              "name": "[4.0] 011: SECURITY FIX: April 4, 2007",
              "refsource": "OPENBSD",
              "url": "http://www.openbsd.org/errata40.html#011_xorg"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1213",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1213"
            },
            {
              "name": "25004",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25004"
            },
            {
              "name": "MDKSA-2007:147",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:147"
            },
            {
              "name": "25305",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25305"
            },
            {
              "name": "oval:org.mitre.oval:def:1693",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1693"
            },
            {
              "name": "25072",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25072"
            },
            {
              "name": "[3.9] 021: SECURITY FIX: April 4, 2007",
              "refsource": "OPENBSD",
              "url": "http://www.openbsd.org/errata39.html#021_xorg"
            },
            {
              "name": "25112",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25112"
            },
            {
              "name": "http://issues.foresightlinux.org/browse/FL-223",
              "refsource": "CONFIRM",
              "url": "http://issues.foresightlinux.org/browse/FL-223"
            },
            {
              "name": "36260",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36260"
            },
            {
              "name": "RHSA-2007:0157",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0157.html"
            },
            {
              "name": "MDKSA-2007:079",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2007-1667",
    "datePublished": "2007-03-24T21:00:00",
    "dateReserved": "2007-03-24T00:00:00",
    "dateUpdated": "2024-08-07T13:06:25.712Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-18024
Vulnerability from cvelistv5
Published
2018-10-07 18:00
Modified
2024-08-05 11:01
Severity ?
Summary
In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ReadBMPImage function of the coders/bmp.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T11:01:14.781Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1337"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          },
          {
            "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-10-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ReadBMPImage function of the coders/bmp.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-19T01:06:11",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1337"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        },
        {
          "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-18024",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ReadBMPImage function of the coders/bmp.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1337",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1337"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            },
            {
              "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-18024",
    "datePublished": "2018-10-07T18:00:00",
    "dateReserved": "2018-10-07T00:00:00",
    "dateUpdated": "2024-08-05T11:01:14.781Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-13146
Vulnerability from cvelistv5
Published
2017-08-23 06:00
Modified
2024-08-05 18:58
Severity ?
Summary
In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory leak in the ReadMATImage function in coders/mat.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:12.339Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870013"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/79e5dbcdd1fc2f714f9bae548bc55d5073f3ed20"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory leak in the ReadMATImage function in coders/mat.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-07T20:52:36",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870013"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/79e5dbcdd1fc2f714f9bae548bc55d5073f3ed20"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-13146",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory leak in the ReadMATImage function in coders/mat.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870013",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870013"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/79e5dbcdd1fc2f714f9bae548bc55d5073f3ed20",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/79e5dbcdd1fc2f714f9bae548bc55d5073f3ed20"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-13146",
    "datePublished": "2017-08-23T06:00:00",
    "dateReserved": "2017-08-23T00:00:00",
    "dateUpdated": "2024-08-05T18:58:12.339Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-9773
Vulnerability from cvelistv5
Published
2017-02-16 18:00
Modified
2024-08-06 02:59
Severity ?
Summary
Heap-based buffer overflow in the IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9556.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:59:03.401Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://blogs.gentoo.org/ago/2016/12/01/imagemagick-heap-based-buffer-overflow-in-ispixelgray-pixel-accessor-h-incomplete-fix-for-cve-2016-9556/"
          },
          {
            "name": "[oss-security] 20161202 Re: Re: imagemagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h) (Incomplete fix for CVE-2016-9556)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/02/12"
          },
          {
            "name": "[oss-security] 20161201 imagemagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h) (Incomplete fix for CVE-2016-9556)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/01/4"
          },
          {
            "name": "[oss-security] 20161202 Re: imagemagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h) (Incomplete fix for CVE-2016-9556)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/02/11"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in the IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9556."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-02-16T17:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://blogs.gentoo.org/ago/2016/12/01/imagemagick-heap-based-buffer-overflow-in-ispixelgray-pixel-accessor-h-incomplete-fix-for-cve-2016-9556/"
        },
        {
          "name": "[oss-security] 20161202 Re: Re: imagemagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h) (Incomplete fix for CVE-2016-9556)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/02/12"
        },
        {
          "name": "[oss-security] 20161201 imagemagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h) (Incomplete fix for CVE-2016-9556)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/01/4"
        },
        {
          "name": "[oss-security] 20161202 Re: imagemagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h) (Incomplete fix for CVE-2016-9556)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/02/11"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2016-9773",
    "datePublished": "2017-02-16T18:00:00",
    "dateReserved": "2016-12-02T00:00:00",
    "dateUpdated": "2024-08-06T02:59:03.401Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11188
Vulnerability from cvelistv5
Published
2017-07-12 15:00
Modified
2024-08-05 17:57
Severity ?
Summary
The ReadDPXImage function in coders\dpx.c in ImageMagick 7.0.6-0 has a large loop vulnerability that can cause CPU exhaustion via a crafted DPX file, related to lack of an EOF check.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:57:57.897Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "99566",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99566"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/509"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadDPXImage function in coders\\dpx.c in ImageMagick 7.0.6-0 has a large loop vulnerability that can cause CPU exhaustion via a crafted DPX file, related to lack of an EOF check."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-14T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "99566",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99566"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/509"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11188",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadDPXImage function in coders\\dpx.c in ImageMagick 7.0.6-0 has a large loop vulnerability that can cause CPU exhaustion via a crafted DPX file, related to lack of an EOF check."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "99566",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99566"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/509",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/509"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11188",
    "datePublished": "2017-07-12T15:00:00",
    "dateReserved": "2017-07-12T00:00:00",
    "dateUpdated": "2024-08-05T17:57:57.897Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-13768
Vulnerability from cvelistv5
Published
2017-08-30 09:00
Modified
2024-08-05 19:05
Severity ?
Summary
Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to perform denial of service by sending a crafted image file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:05:20.374Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "100569",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100569"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/706"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to perform denial of service by sending a crafted image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:29",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "100569",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100569"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/706"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-13768",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to perform denial of service by sending a crafted image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "100569",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100569"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/706",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/706"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-13768",
    "datePublished": "2017-08-30T09:00:00",
    "dateReserved": "2017-08-30T00:00:00",
    "dateUpdated": "2024-08-05T19:05:20.374Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7539
Vulnerability from cvelistv5
Published
2017-07-25 14:00
Modified
2024-08-06 02:04
Severity ?
Summary
Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:04:54.959Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833101"
          },
          {
            "name": "93232",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93232"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=2\u0026t=28946"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378776"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/4e81ce8b07219c69a9aeccb0f7f7b927ca6db74c"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-07-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-26T09:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833101"
        },
        {
          "name": "93232",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93232"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=2\u0026t=28946"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378776"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/4e81ce8b07219c69a9aeccb0f7f7b927ca6db74c"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-7539",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833101",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833101"
            },
            {
              "name": "93232",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93232"
            },
            {
              "name": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=2\u0026t=28946",
              "refsource": "CONFIRM",
              "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=2\u0026t=28946"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378776",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378776"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/4e81ce8b07219c69a9aeccb0f7f7b927ca6db74c",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/4e81ce8b07219c69a9aeccb0f7f7b927ca6db74c"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-7539",
    "datePublished": "2017-07-25T14:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T02:04:54.959Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-1947
Vulnerability from cvelistv5
Published
2020-02-17 20:56
Modified
2024-08-06 09:58
Severity ?
Summary
Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L%02ld string, a different vulnerability than CVE-2014-2030.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:58:15.485Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/02/12/13"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/02/12/2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/02/13/2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/02/13/5"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/02/19/13"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064098"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.suse.com/support/update/announcement/2014/suse-su-20140359-1.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-02-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L%02ld string, a different vulnerability than CVE-2014-2030."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-17T20:56:17",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/02/12/13"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/02/12/2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/02/13/2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/02/13/5"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/02/19/13"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064098"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.suse.com/support/update/announcement/2014/suse-su-20140359-1.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-1947",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L%02ld string, a different vulnerability than CVE-2014-2030."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.openwall.com/lists/oss-security/2014/02/12/13",
              "refsource": "MISC",
              "url": "http://www.openwall.com/lists/oss-security/2014/02/12/13"
            },
            {
              "name": "http://www.openwall.com/lists/oss-security/2014/02/12/2",
              "refsource": "MISC",
              "url": "http://www.openwall.com/lists/oss-security/2014/02/12/2"
            },
            {
              "name": "http://www.openwall.com/lists/oss-security/2014/02/13/2",
              "refsource": "MISC",
              "url": "http://www.openwall.com/lists/oss-security/2014/02/13/2"
            },
            {
              "name": "http://www.openwall.com/lists/oss-security/2014/02/13/5",
              "refsource": "MISC",
              "url": "http://www.openwall.com/lists/oss-security/2014/02/13/5"
            },
            {
              "name": "http://www.openwall.com/lists/oss-security/2014/02/19/13",
              "refsource": "MISC",
              "url": "http://www.openwall.com/lists/oss-security/2014/02/19/13"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1064098",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064098"
            },
            {
              "name": "https://www.suse.com/support/update/announcement/2014/suse-su-20140359-1.html",
              "refsource": "MISC",
              "url": "https://www.suse.com/support/update/announcement/2014/suse-su-20140359-1.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-1947",
    "datePublished": "2020-02-17T20:56:17",
    "dateReserved": "2014-02-12T00:00:00",
    "dateUpdated": "2024-08-06T09:58:15.485Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10052
Vulnerability from cvelistv5
Published
2017-03-23 17:00
Modified
2024-08-06 03:07
Severity ?
Summary
Buffer overflow in the WriteProfile function in coders/jpeg.c in ImageMagick before 6.9.5-6 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:07:32.003Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "openSUSE-SU-2017:0391",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
          },
          {
            "name": "openSUSE-SU-2017:0399",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html"
          },
          {
            "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/9e187b73a8a1290bb0e1a1c878f8be1917aa8742"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410459"
          },
          {
            "name": "95181",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95181"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/13267a10845a8dadabed63072b537f050cec6daa"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the WriteProfile function in coders/jpeg.c in ImageMagick before 6.9.5-6 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-14T20:29:22",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "openSUSE-SU-2017:0391",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
        },
        {
          "name": "openSUSE-SU-2017:0399",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html"
        },
        {
          "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/9e187b73a8a1290bb0e1a1c878f8be1917aa8742"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410459"
        },
        {
          "name": "95181",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95181"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/13267a10845a8dadabed63072b537f050cec6daa"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10052",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the WriteProfile function in coders/jpeg.c in ImageMagick before 6.9.5-6 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "openSUSE-SU-2017:0391",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
            },
            {
              "name": "openSUSE-SU-2017:0399",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html"
            },
            {
              "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/9e187b73a8a1290bb0e1a1c878f8be1917aa8742",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/9e187b73a8a1290bb0e1a1c878f8be1917aa8742"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410459",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410459"
            },
            {
              "name": "95181",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95181"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/13267a10845a8dadabed63072b537f050cec6daa",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/13267a10845a8dadabed63072b537f050cec6daa"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10052",
    "datePublished": "2017-03-23T17:00:00",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-08-06T03:07:32.003Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-1906
Vulnerability from cvelistv5
Published
2023-04-12 00:00
Modified
2024-08-02 06:05
Severity ?
Summary
A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T06:05:27.068Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185714"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-35q2-86c7-9247"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/d7a8bdd7bb33cf8e58bc01b4a4f2ea5466f8c6b3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/e30c693b37c3b41723f1469d1226a2c814ca443d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-1906"
          },
          {
            "name": "FEDORA-2023-541c04817f",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6655G3GPS42WQM32DJHUCZALI2URQSCO/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in ImageMagick v6.9.12-84, v 7.1.1-6."
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A heap-based buffer overflow issue was discovered in ImageMagick\u0027s ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122 - Heap-based Buffer Overflow, CWE-125 - Out-of-bounds Read.",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-16T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185714"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-35q2-86c7-9247"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick/commit/d7a8bdd7bb33cf8e58bc01b4a4f2ea5466f8c6b3"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/e30c693b37c3b41723f1469d1226a2c814ca443d"
        },
        {
          "url": "https://access.redhat.com/security/cve/CVE-2023-1906"
        },
        {
          "name": "FEDORA-2023-541c04817f",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6655G3GPS42WQM32DJHUCZALI2URQSCO/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-1906",
    "datePublished": "2023-04-12T00:00:00",
    "dateReserved": "2023-04-06T00:00:00",
    "dateUpdated": "2024-08-02T06:05:27.068Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-6491
Vulnerability from cvelistv5
Published
2016-12-13 15:00
Modified
2024-08-06 01:29
Severity ?
Summary
Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read, memory leak, and crash) via a crafted image.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:29:20.303Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20160728 CVE-Request Buffer overflow ImageMagick",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/07/28/13"
          },
          {
            "name": "[oss-security] 20160728 Re: CVE-Request Buffer overflow ImageMagick",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/07/28/15"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/dd84447b63a71fa8c3f47071b09454efc667767b"
          },
          {
            "name": "1036501",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036501"
          },
          {
            "name": "92186",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/92186"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/blob/6.9.5-4/ChangeLog"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
          },
          {
            "name": "GLSA-201611-21",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201611-21"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-07-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read, memory leak, and crash) via a crafted image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-06-30T16:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20160728 CVE-Request Buffer overflow ImageMagick",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/07/28/13"
        },
        {
          "name": "[oss-security] 20160728 Re: CVE-Request Buffer overflow ImageMagick",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/07/28/15"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/dd84447b63a71fa8c3f47071b09454efc667767b"
        },
        {
          "name": "1036501",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036501"
        },
        {
          "name": "92186",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/92186"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/blob/6.9.5-4/ChangeLog"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
        },
        {
          "name": "GLSA-201611-21",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201611-21"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-6491",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read, memory leak, and crash) via a crafted image."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20160728 CVE-Request Buffer overflow ImageMagick",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/07/28/13"
            },
            {
              "name": "[oss-security] 20160728 Re: CVE-Request Buffer overflow ImageMagick",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/07/28/15"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/dd84447b63a71fa8c3f47071b09454efc667767b",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/dd84447b63a71fa8c3f47071b09454efc667767b"
            },
            {
              "name": "1036501",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036501"
            },
            {
              "name": "92186",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/92186"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/blob/6.9.5-4/ChangeLog",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/blob/6.9.5-4/ChangeLog"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
            },
            {
              "name": "GLSA-201611-21",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201611-21"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-6491",
    "datePublished": "2016-12-13T15:00:00",
    "dateReserved": "2016-07-28T00:00:00",
    "dateUpdated": "2024-08-06T01:29:20.303Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-3716
Vulnerability from cvelistv5
Published
2016-05-05 18:00
Modified
2024-08-06 00:03
Severity ?
Summary
The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image.
References
http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLogx_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.htmlvendor-advisory, x_refsource_SUSE
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.htmlx_refsource_CONFIRM
https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588x_refsource_CONFIRM
http://www.ubuntu.com/usn/USN-2990-1vendor-advisory, x_refsource_UBUNTU
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.htmlvendor-advisory, x_refsource_SUSE
http://www.securityfocus.com/archive/1/538378/100/0/threadedmailing-list, x_refsource_BUGTRAQ
https://www.exploit-db.com/exploits/39767/exploit, x_refsource_EXPLOIT-DB
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.htmlvendor-advisory, x_refsource_SUSE
https://lists.debian.org/debian-lts-announce/2018/06/msg00009.htmlmailing-list, x_refsource_MLIST
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.htmlx_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2016/05/03/18mailing-list, x_refsource_MLIST
https://security.gentoo.org/glsa/201611-21vendor-advisory, x_refsource_GENTOO
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.htmlvendor-advisory, x_refsource_SUSE
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568vendor-advisory, x_refsource_SLACKWARE
https://www.imagemagick.org/script/changelog.phpx_refsource_CONFIRM
http://www.debian.org/security/2016/dsa-3580vendor-advisory, x_refsource_DEBIAN
http://rhn.redhat.com/errata/RHSA-2016-0726.htmlvendor-advisory, x_refsource_REDHAT
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:03:34.426Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog"
          },
          {
            "name": "openSUSE-SU-2016:1266",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=29588"
          },
          {
            "name": "USN-2990-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2990-1"
          },
          {
            "name": "openSUSE-SU-2016:1261",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html"
          },
          {
            "name": "20160513 May 2016 - HipChat Server - Critical Security Advisory",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/538378/100/0/threaded"
          },
          {
            "name": "39767",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/39767/"
          },
          {
            "name": "SUSE-SU-2016:1260",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html"
          },
          {
            "name": "[debian-lts-announce] 20180627 [SECURITY] [DLA 1401-1] graphicsmagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
          },
          {
            "name": "[oss-security] 20160504 Re: ImageMagick Is On Fire -- CVE-2016-3714",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/05/03/18"
          },
          {
            "name": "GLSA-201611-21",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201611-21"
          },
          {
            "name": "SUSE-SU-2016:1275",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html"
          },
          {
            "name": "SSA:2016-132-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.440568"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.imagemagick.org/script/changelog.php"
          },
          {
            "name": "DSA-3580",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3580"
          },
          {
            "name": "RHSA-2016:0726",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-0726.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-05-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-09T18:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog"
        },
        {
          "name": "openSUSE-SU-2016:1266",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=29588"
        },
        {
          "name": "USN-2990-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2990-1"
        },
        {
          "name": "openSUSE-SU-2016:1261",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html"
        },
        {
          "name": "20160513 May 2016 - HipChat Server - Critical Security Advisory",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/538378/100/0/threaded"
        },
        {
          "name": "39767",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/39767/"
        },
        {
          "name": "SUSE-SU-2016:1260",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html"
        },
        {
          "name": "[debian-lts-announce] 20180627 [SECURITY] [DLA 1401-1] graphicsmagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
        },
        {
          "name": "[oss-security] 20160504 Re: ImageMagick Is On Fire -- CVE-2016-3714",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/05/03/18"
        },
        {
          "name": "GLSA-201611-21",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201611-21"
        },
        {
          "name": "SUSE-SU-2016:1275",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html"
        },
        {
          "name": "SSA:2016-132-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.440568"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.imagemagick.org/script/changelog.php"
        },
        {
          "name": "DSA-3580",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3580"
        },
        {
          "name": "RHSA-2016:0726",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-0726.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2016-3716",
    "datePublished": "2016-05-05T18:00:00",
    "dateReserved": "2016-03-30T00:00:00",
    "dateUpdated": "2024-08-06T00:03:34.426Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7533
Vulnerability from cvelistv5
Published
2017-04-19 14:00
Modified
2024-08-06 02:04
Severity ?
Summary
The ReadWPGImage function in coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WPG file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:04:54.747Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/bef1e4f637d8f665bc133a9c6d30df08d983bc3a"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1542114"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378765"
          },
          {
            "name": "93131",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93131"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/120"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-02-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadWPGImage function in coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WPG file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-20T09:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/bef1e4f637d8f665bc133a9c6d30df08d983bc3a"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1542114"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378765"
        },
        {
          "name": "93131",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93131"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/120"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-7533",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadWPGImage function in coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WPG file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/bef1e4f637d8f665bc133a9c6d30df08d983bc3a",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/bef1e4f637d8f665bc133a9c6d30df08d983bc3a"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1542114",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1542114"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378765",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378765"
            },
            {
              "name": "93131",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93131"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/120",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/120"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-7533",
    "datePublished": "2017-04-19T14:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T02:04:54.747Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11170
Vulnerability from cvelistv5
Published
2017-07-11 20:00
Modified
2024-08-05 17:57
Severity ?
Summary
The ReadTGAImage function in coders\tga.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via invalid colors data in the header of a TGA or VST file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:57:58.043Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/472"
          },
          {
            "name": "99565",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99565"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadTGAImage function in coders\\tga.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via invalid colors data in the header of a TGA or VST file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-14T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/472"
        },
        {
          "name": "99565",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99565"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11170",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadTGAImage function in coders\\tga.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via invalid colors data in the header of a TGA or VST file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/472",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/472"
            },
            {
              "name": "99565",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99565"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11170",
    "datePublished": "2017-07-11T20:00:00",
    "dateReserved": "2017-07-11T00:00:00",
    "dateUpdated": "2024-08-05T17:57:58.043Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27765
Vulnerability from cvelistv5
Published
2020-12-04 00:00
Modified
2024-08-04 16:18
Severity ?
Summary
A flaw was found in ImageMagick in MagickCore/segment.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.532Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894684"
          },
          {
            "name": "[debian-lts-announce] 20210112 [SECURITY] [DLA 2523-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 7.0.9-0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in ImageMagick in MagickCore/segment.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-369",
              "description": "CWE-369",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894684"
        },
        {
          "name": "[debian-lts-announce] 20210112 [SECURITY] [DLA 2523-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27765",
    "datePublished": "2020-12-04T00:00:00",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.532Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-6823
Vulnerability from cvelistv5
Published
2017-01-18 17:00
Modified
2024-08-06 01:43
Severity ?
Summary
Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds write.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:43:38.020Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834504"
          },
          {
            "name": "93158",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93158"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/4cc6ec8a4197d4c008577127736bf7985d632323"
          },
          {
            "name": "[oss-security] 20160926 CVE-2016-6823 - ImageMagick BMP Coder Out-Of-Bounds Write Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/26/3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-08-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds write."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-01-19T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834504"
        },
        {
          "name": "93158",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93158"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/4cc6ec8a4197d4c008577127736bf7985d632323"
        },
        {
          "name": "[oss-security] 20160926 CVE-2016-6823 - ImageMagick BMP Coder Out-Of-Bounds Write Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/26/3"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-6823",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds write."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834504",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834504"
            },
            {
              "name": "93158",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93158"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/4cc6ec8a4197d4c008577127736bf7985d632323",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/4cc6ec8a4197d4c008577127736bf7985d632323"
            },
            {
              "name": "[oss-security] 20160926 CVE-2016-6823 - ImageMagick BMP Coder Out-Of-Bounds Write Vulnerability",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/26/3"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-6823",
    "datePublished": "2017-01-18T17:00:00",
    "dateReserved": "2016-08-16T00:00:00",
    "dateUpdated": "2024-08-06T01:43:38.020Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-13303
Vulnerability from cvelistv5
Published
2019-07-05 00:53
Modified
2024-08-04 23:49
Severity ?
Summary
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/composite.c in CompositeImage.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:49:24.782Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1603"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/d29148fae06c01ef215940e084cf41853c117bab"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/composite.c in CompositeImage."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-21T14:06:18",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1603"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/d29148fae06c01ef215940e084cf41853c117bab"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13303",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCore/composite.c in CompositeImage."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1603",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1603"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/d29148fae06c01ef215940e084cf41853c117bab",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/d29148fae06c01ef215940e084cf41853c117bab"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13303",
    "datePublished": "2019-07-05T00:53:02",
    "dateReserved": "2019-07-04T00:00:00",
    "dateUpdated": "2024-08-04T23:49:24.782Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-16546
Vulnerability from cvelistv5
Published
2017-11-05 22:00
Modified
2024-08-05 20:27
Severity ?
Summary
The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or possibly have unspecified other impact via a malformed WPG file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T20:27:03.809Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-4040",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4040"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "DSA-4074",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4074"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/851"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/e04cf3e9524f50ca336253513d977224e083b816"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/2130bf6f89ded32ef0c88a11694f107c52566c53"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-11-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or possibly have unspecified other impact via a malformed WPG file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-4040",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4040"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "DSA-4074",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4074"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/851"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/e04cf3e9524f50ca336253513d977224e083b816"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/2130bf6f89ded32ef0c88a11694f107c52566c53"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-16546",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or possibly have unspecified other impact via a malformed WPG file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-4040",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4040"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "DSA-4074",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4074"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/851",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/851"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/e04cf3e9524f50ca336253513d977224e083b816",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/e04cf3e9524f50ca336253513d977224e083b816"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/2130bf6f89ded32ef0c88a11694f107c52566c53",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/2130bf6f89ded32ef0c88a11694f107c52566c53"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-16546",
    "datePublished": "2017-11-05T22:00:00",
    "dateReserved": "2017-11-05T00:00:00",
    "dateUpdated": "2024-08-05T20:27:03.809Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9829
Vulnerability from cvelistv5
Published
2017-04-05 17:00
Modified
2024-08-06 13:55
Severity ?
Summary
coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted sun file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.525Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=8e72cbfca8db81132319af14d1f33a3e833666d7"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343485"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted sun file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-05T16:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=8e72cbfca8db81132319af14d1f33a3e833666d7"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343485"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9829",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted sun file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=8e72cbfca8db81132319af14d1f33a3e833666d7",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=8e72cbfca8db81132319af14d1f33a3e833666d7"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343485",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343485"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9829",
    "datePublished": "2017-04-05T17:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.525Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12692
Vulnerability from cvelistv5
Published
2017-09-01 21:00
Modified
2024-08-05 18:43
Severity ?
Summary
The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted VIFF file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:56.474Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/653"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted VIFF file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:18",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/653"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12692",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted VIFF file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/653",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/653"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12692",
    "datePublished": "2017-09-01T21:00:00",
    "dateReserved": "2017-08-08T00:00:00",
    "dateUpdated": "2024-08-05T18:43:56.474Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-16413
Vulnerability from cvelistv5
Published
2018-09-03 19:00
Modified
2024-08-05 10:24
Severity ?
Summary
ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the MagickCore/quantum-private.h PushShortPixel function when called from the coders/psd.c ParseImageResourceBlocks function.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T10:24:32.183Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[debian-lts-announce] 20181003 [SECURITY] [DLA 1530-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00002.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1251"
          },
          {
            "name": "DSA-4316",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4316"
          },
          {
            "name": "105241",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105241"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1249"
          },
          {
            "name": "openSUSE-SU-2019:1320",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-09-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the MagickCore/quantum-private.h PushShortPixel function when called from the coders/psd.c ParseImageResourceBlocks function."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-06-25T14:06:14",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[debian-lts-announce] 20181003 [SECURITY] [DLA 1530-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00002.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1251"
        },
        {
          "name": "DSA-4316",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4316"
        },
        {
          "name": "105241",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105241"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1249"
        },
        {
          "name": "openSUSE-SU-2019:1320",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-16413",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the MagickCore/quantum-private.h PushShortPixel function when called from the coders/psd.c ParseImageResourceBlocks function."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[debian-lts-announce] 20181003 [SECURITY] [DLA 1530-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00002.html"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1251",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1251"
            },
            {
              "name": "DSA-4316",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4316"
            },
            {
              "name": "105241",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105241"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1249",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1249"
            },
            {
              "name": "openSUSE-SU-2019:1320",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-16413",
    "datePublished": "2018-09-03T19:00:00",
    "dateReserved": "2018-09-03T00:00:00",
    "dateUpdated": "2024-08-05T10:24:32.183Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10049
Vulnerability from cvelistv5
Published
2017-03-23 17:00
Modified
2024-08-06 03:07
Severity ?
Summary
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:07:32.044Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "95180",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95180"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/3e9165285eda6e1bb71172031d3048b51bb443a4"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=29710"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410452"
          },
          {
            "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/13db820f5e24cd993ee554e99377fea02a904e18"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-13T16:36:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "95180",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95180"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/3e9165285eda6e1bb71172031d3048b51bb443a4"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=29710"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410452"
        },
        {
          "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/13db820f5e24cd993ee554e99377fea02a904e18"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10049",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "95180",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95180"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/3e9165285eda6e1bb71172031d3048b51bb443a4",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/3e9165285eda6e1bb71172031d3048b51bb443a4"
            },
            {
              "name": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=29710",
              "refsource": "MISC",
              "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=29710"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410452",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410452"
            },
            {
              "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/13db820f5e24cd993ee554e99377fea02a904e18",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/13db820f5e24cd993ee554e99377fea02a904e18"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10049",
    "datePublished": "2017-03-23T17:00:00",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-08-06T03:07:32.044Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7532
Vulnerability from cvelistv5
Published
2017-04-20 18:00
Modified
2024-08-06 02:04
Severity ?
Summary
coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:04:54.867Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/4f2c04ea6673863b87ac7f186cbb0d911f74085c"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539066"
          },
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/109"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378764"
          },
          {
            "name": "93131",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93131"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-21T09:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/4f2c04ea6673863b87ac7f186cbb0d911f74085c"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539066"
        },
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/109"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378764"
        },
        {
          "name": "93131",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93131"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-7532",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/4f2c04ea6673863b87ac7f186cbb0d911f74085c",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/4f2c04ea6673863b87ac7f186cbb0d911f74085c"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539066",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539066"
            },
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/109",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/109"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378764",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378764"
            },
            {
              "name": "93131",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93131"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-7532",
    "datePublished": "2017-04-20T18:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T02:04:54.867Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-13297
Vulnerability from cvelistv5
Published
2019-07-05 00:51
Modified
2024-08-04 23:49
Severity ?
Summary
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:49:24.565Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1609"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/35c7032723d85eee7318ff6c82f031fa2666b773"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/604588fc35c7585abb7a9e71f69bb82e4389fefc"
          },
          {
            "name": "[debian-lts-announce] 20190816 [SECURITY] [DLA 1888-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          },
          {
            "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-19T01:06:21",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1609"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/35c7032723d85eee7318ff6c82f031fa2666b773"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/604588fc35c7585abb7a9e71f69bb82e4389fefc"
        },
        {
          "name": "[debian-lts-announce] 20190816 [SECURITY] [DLA 1888-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        },
        {
          "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13297",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1609",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1609"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick6/commit/35c7032723d85eee7318ff6c82f031fa2666b773",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick6/commit/35c7032723d85eee7318ff6c82f031fa2666b773"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/604588fc35c7585abb7a9e71f69bb82e4389fefc",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/604588fc35c7585abb7a9e71f69bb82e4389fefc"
            },
            {
              "name": "[debian-lts-announce] 20190816 [SECURITY] [DLA 1888-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            },
            {
              "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13297",
    "datePublished": "2019-07-05T00:51:07",
    "dateReserved": "2019-07-04T00:00:00",
    "dateUpdated": "2024-08-04T23:49:24.565Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-0284
Vulnerability from cvelistv5
Published
2022-08-29 14:03
Modified
2024-08-02 23:25
Severity ?
Summary
A heap-based-buffer-over-read flaw was found in ImageMagick's GetPixelAlpha() function of 'pixel-accessor.h'. This vulnerability is triggered when an attacker passes a specially crafted Tagged Image File Format (TIFF) image to convert it into a PICON file format. This issue can potentially lead to a denial of service and information disclosure.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:25:40.272Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2045943"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2022-0284"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/4729"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/e50f19fd73c792ebe912df8ab83aa51a243a3da7"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in ImageMagick-7.1.0-20"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A heap-based-buffer-over-read flaw was found in ImageMagick\u0027s GetPixelAlpha() function of \u0027pixel-accessor.h\u0027. This vulnerability is triggered when an attacker passes a specially crafted Tagged Image File Format (TIFF) image to convert it into a PICON file format. This issue can potentially lead to a denial of service and information disclosure."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125 - Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-29T14:03:03",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2045943"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2022-0284"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/4729"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/e50f19fd73c792ebe912df8ab83aa51a243a3da7"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2022-0284",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ImageMagick",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Fixed in ImageMagick-7.1.0-20"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A heap-based-buffer-over-read flaw was found in ImageMagick\u0027s GetPixelAlpha() function of \u0027pixel-accessor.h\u0027. This vulnerability is triggered when an attacker passes a specially crafted Tagged Image File Format (TIFF) image to convert it into a PICON file format. This issue can potentially lead to a denial of service and information disclosure."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-125 - Out-of-bounds Read"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2045943",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2045943"
            },
            {
              "name": "https://access.redhat.com/security/cve/CVE-2022-0284",
              "refsource": "MISC",
              "url": "https://access.redhat.com/security/cve/CVE-2022-0284"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/4729",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/4729"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/e50f19fd73c792ebe912df8ab83aa51a243a3da7",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/e50f19fd73c792ebe912df8ab83aa51a243a3da7"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2022-0284",
    "datePublished": "2022-08-29T14:03:03",
    "dateReserved": "2022-01-19T00:00:00",
    "dateUpdated": "2024-08-02T23:25:40.272Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-16710
Vulnerability from cvelistv5
Published
2019-09-23 11:46
Modified
2024-08-05 01:17
Severity ?
Summary
ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:17:41.154Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1528"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "openSUSE-SU-2019:2515",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
          },
          {
            "name": "openSUSE-SU-2019:2519",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-01T11:06:28",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1528"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "openSUSE-SU-2019:2515",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
        },
        {
          "name": "openSUSE-SU-2019:2519",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-16710",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1528",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1528"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "openSUSE-SU-2019:2515",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
            },
            {
              "name": "openSUSE-SU-2019:2519",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-16710",
    "datePublished": "2019-09-23T11:46:01",
    "dateReserved": "2019-09-23T00:00:00",
    "dateUpdated": "2024-08-05T01:17:41.154Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-9142
Vulnerability from cvelistv5
Published
2017-05-22 14:00
Modified
2024-08-05 16:55
Severity ?
Summary
In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the WriteBlob function in MagickCore/blob.c because of missing checks in the ReadOneJNGImage function in coders/png.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:55:22.392Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "98683",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98683"
          },
          {
            "name": "DSA-3863",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3863"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/490"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/f0232a2a45dfd003c1faf6079497895df3ab0ee1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-05-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the WriteBlob function in MagickCore/blob.c because of missing checks in the ReadOneJNGImage function in coders/png.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-06T20:43:36",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "98683",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98683"
        },
        {
          "name": "DSA-3863",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3863"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/490"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/f0232a2a45dfd003c1faf6079497895df3ab0ee1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-9142",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the WriteBlob function in MagickCore/blob.c because of missing checks in the ReadOneJNGImage function in coders/png.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "98683",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98683"
            },
            {
              "name": "DSA-3863",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3863"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/490",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/490"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/f0232a2a45dfd003c1faf6079497895df3ab0ee1",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/f0232a2a45dfd003c1faf6079497895df3ab0ee1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-9142",
    "datePublished": "2017-05-22T14:00:00",
    "dateReserved": "2017-05-22T00:00:00",
    "dateUpdated": "2024-08-05T16:55:22.392Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9831
Vulnerability from cvelistv5
Published
2017-08-07 20:00
Modified
2024-08-06 13:55
Severity ?
Summary
coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted wpg file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.561Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343487"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=b68b78e2625122d9f6b6d88ba4df7e85b47b556f"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted wpg file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343487"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=b68b78e2625122d9f6b6d88ba4df7e85b47b556f"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9831",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted wpg file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343487",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343487"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=b68b78e2625122d9f6b6d88ba4df7e85b47b556f",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=b68b78e2625122d9f6b6d88ba4df7e85b47b556f"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9831",
    "datePublished": "2017-08-07T20:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.561Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12691
Vulnerability from cvelistv5
Published
2017-09-01 21:00
Modified
2024-08-05 18:43
Severity ?
Summary
The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:56.419Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/656"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:12",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/656"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12691",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/656",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/656"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12691",
    "datePublished": "2017-09-01T21:00:00",
    "dateReserved": "2017-08-08T00:00:00",
    "dateUpdated": "2024-08-05T18:43:56.419Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-3582
Vulnerability from cvelistv5
Published
2005-11-16 07:37
Modified
2024-08-07 23:17
Severity ?
Summary
ImageMagick before 6.2.4.2-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime.
References
http://secunia.com/advisories/17427/third-party-advisory, x_refsource_SECUNIA
http://www.gentoo.org/security/en/glsa/glsa-200511-02.xmlvendor-advisory, x_refsource_GENTOO
http://www.vupen.com/english/advisories/2005/2281vdb-entry, x_refsource_VUPEN
http://www.osvdb.org/20528vdb-entry, x_refsource_OSVDB
http://www.securityfocus.com/bid/15120vdb-entry, x_refsource_BID
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:17:23.366Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "17427",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17427/"
          },
          {
            "name": "GLSA-200511-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200511-02.xml"
          },
          {
            "name": "ADV-2005-2281",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2281"
          },
          {
            "name": "20528",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/20528"
          },
          {
            "name": "15120",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/15120"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-11-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick before 6.2.4.2-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2005-12-20T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "17427",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17427/"
        },
        {
          "name": "GLSA-200511-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200511-02.xml"
        },
        {
          "name": "ADV-2005-2281",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2281"
        },
        {
          "name": "20528",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/20528"
        },
        {
          "name": "15120",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/15120"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-3582",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick before 6.2.4.2-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "17427",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17427/"
            },
            {
              "name": "GLSA-200511-02",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200511-02.xml"
            },
            {
              "name": "ADV-2005-2281",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2281"
            },
            {
              "name": "20528",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/20528"
            },
            {
              "name": "15120",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/15120"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-3582",
    "datePublished": "2005-11-16T07:37:00",
    "dateReserved": "2005-11-16T00:00:00",
    "dateUpdated": "2024-08-07T23:17:23.366Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-13134
Vulnerability from cvelistv5
Published
2017-08-23 03:00
Modified
2024-08-05 18:58
Severity ?
Summary
In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer over-read was found in the function SFWScan in coders/sfw.c, which allows attackers to cause a denial of service via a crafted file.
References
https://www.debian.org/security/2017/dsa-4040vendor-advisory, x_refsource_DEBIAN
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://security.gentoo.org/glsa/201711-07vendor-advisory, x_refsource_GENTOO
https://lists.debian.org/debian-lts-announce/2017/11/msg00016.htmlmailing-list, x_refsource_MLIST
https://www.debian.org/security/2018/dsa-4321vendor-advisory, x_refsource_DEBIAN
http://www.securityfocus.com/bid/100476vdb-entry, x_refsource_BID
https://www.debian.org/security/2017/dsa-4032vendor-advisory, x_refsource_DEBIAN
https://lists.debian.org/debian-lts-announce/2018/06/msg00009.htmlmailing-list, x_refsource_MLIST
https://github.com/ImageMagick/ImageMagick/issues/670x_refsource_CONFIRM
http://hg.code.sf.net/p/graphicsmagick/code/rev/1b47e0078e05x_refsource_MISC
https://usn.ubuntu.com/4222-1/vendor-advisory, x_refsource_UBUNTU
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:12.446Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-4040",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4040"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "name": "[debian-lts-announce] 20171114 [SECURITY] [DLA 1170-1] graphicsmagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00016.html"
          },
          {
            "name": "DSA-4321",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4321"
          },
          {
            "name": "100476",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100476"
          },
          {
            "name": "DSA-4032",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4032"
          },
          {
            "name": "[debian-lts-announce] 20180627 [SECURITY] [DLA 1401-1] graphicsmagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/670"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://hg.code.sf.net/p/graphicsmagick/code/rev/1b47e0078e05"
          },
          {
            "name": "USN-4222-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4222-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer over-read was found in the function SFWScan in coders/sfw.c, which allows attackers to cause a denial of service via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-12-16T19:06:06",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-4040",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4040"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "name": "[debian-lts-announce] 20171114 [SECURITY] [DLA 1170-1] graphicsmagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00016.html"
        },
        {
          "name": "DSA-4321",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4321"
        },
        {
          "name": "100476",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100476"
        },
        {
          "name": "DSA-4032",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4032"
        },
        {
          "name": "[debian-lts-announce] 20180627 [SECURITY] [DLA 1401-1] graphicsmagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/670"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://hg.code.sf.net/p/graphicsmagick/code/rev/1b47e0078e05"
        },
        {
          "name": "USN-4222-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4222-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-13134",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer over-read was found in the function SFWScan in coders/sfw.c, which allows attackers to cause a denial of service via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-4040",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4040"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "[debian-lts-announce] 20171114 [SECURITY] [DLA 1170-1] graphicsmagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00016.html"
            },
            {
              "name": "DSA-4321",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4321"
            },
            {
              "name": "100476",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100476"
            },
            {
              "name": "DSA-4032",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4032"
            },
            {
              "name": "[debian-lts-announce] 20180627 [SECURITY] [DLA 1401-1] graphicsmagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/670",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/670"
            },
            {
              "name": "http://hg.code.sf.net/p/graphicsmagick/code/rev/1b47e0078e05",
              "refsource": "MISC",
              "url": "http://hg.code.sf.net/p/graphicsmagick/code/rev/1b47e0078e05"
            },
            {
              "name": "USN-4222-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4222-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-13134",
    "datePublished": "2017-08-23T03:00:00",
    "dateReserved": "2017-08-22T00:00:00",
    "dateUpdated": "2024-08-05T18:58:12.446Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-8894
Vulnerability from cvelistv5
Published
2017-03-15 19:00
Modified
2024-08-06 08:29
Severity ?
Summary
Double free vulnerability in coders/tga.c in ImageMagick 7.0.0 and later allows remote attackers to cause a denial of service (application crash) via a crafted tga file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:29:22.083Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/4f68e9661518463fca523c9726bb5d940a2aa6d8"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1490362"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-08-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Double free vulnerability in coders/tga.c in ImageMagick 7.0.0 and later allows remote attackers to cause a denial of service (application crash) via a crafted tga file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-15T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/4f68e9661518463fca523c9726bb5d940a2aa6d8"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1490362"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8894",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Double free vulnerability in coders/tga.c in ImageMagick 7.0.0 and later allows remote attackers to cause a denial of service (application crash) via a crafted tga file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/4f68e9661518463fca523c9726bb5d940a2aa6d8",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/4f68e9661518463fca523c9726bb5d940a2aa6d8"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1490362",
              "refsource": "MISC",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1490362"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8894",
    "datePublished": "2017-03-15T19:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T08:29:22.083Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9812
Vulnerability from cvelistv5
Published
2017-03-30 15:00
Modified
2024-08-06 13:55
Severity ?
Summary
ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted ps file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.452Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343468"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=f093a3119704fd6d349a9ee32b9f71cabe7d04c8"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted ps file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-30T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343468"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=f093a3119704fd6d349a9ee32b9f71cabe7d04c8"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9812",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted ps file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343468",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343468"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=f093a3119704fd6d349a9ee32b9f71cabe7d04c8",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=f093a3119704fd6d349a9ee32b9f71cabe7d04c8"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9812",
    "datePublished": "2017-03-30T15:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.452Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12665
Vulnerability from cvelistv5
Published
2017-08-07 21:00
Modified
2024-08-05 18:43
Severity ?
Summary
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePICTImage in coders/pict.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:56.446Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/577"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/c1b09bbec148f6ae11d0b686fdb89ac6dc0ab14e"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePICTImage in coders/pict.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-08T16:53:33",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/577"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/c1b09bbec148f6ae11d0b686fdb89ac6dc0ab14e"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12665",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePICTImage in coders/pict.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/577",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/577"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/c1b09bbec148f6ae11d0b686fdb89ac6dc0ab14e",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/c1b09bbec148f6ae11d0b686fdb89ac6dc0ab14e"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12665",
    "datePublished": "2017-08-07T21:00:00",
    "dateReserved": "2017-08-07T00:00:00",
    "dateUpdated": "2024-08-05T18:43:56.446Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-17882
Vulnerability from cvelistv5
Published
2017-12-24 04:00
Modified
2024-08-05 21:06
Severity ?
Summary
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted XPM image file.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/880x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.210Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/880"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted XPM image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/880"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17882",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted XPM image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/880",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/880"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17882",
    "datePublished": "2017-12-24T04:00:00",
    "dateReserved": "2017-12-23T00:00:00",
    "dateUpdated": "2024-08-05T21:06:49.210Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-16641
Vulnerability from cvelistv5
Published
2018-09-06 22:00
Modified
2024-08-05 10:32
Severity ?
Summary
ImageMagick 7.0.8-6 has a memory leak vulnerability in the TIFFWritePhotoshopLayers function in coders/tiff.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T10:32:53.087Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/256825d4eb33dc301496710d15cf5a7ae924088b"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1206"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-09-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-6 has a memory leak vulnerability in the TIFFWritePhotoshopLayers function in coders/tiff.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-09-06T22:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/256825d4eb33dc301496710d15cf5a7ae924088b"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1206"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-16641",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-6 has a memory leak vulnerability in the TIFFWritePhotoshopLayers function in coders/tiff.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/256825d4eb33dc301496710d15cf5a7ae924088b",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/256825d4eb33dc301496710d15cf5a7ae924088b"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1206",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1206"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-16641",
    "datePublished": "2018-09-06T22:00:00",
    "dateReserved": "2018-09-06T00:00:00",
    "dateUpdated": "2024-08-05T10:32:53.087Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-17880
Vulnerability from cvelistv5
Published
2017-12-24 04:00
Modified
2024-08-05 21:06
Severity ?
Summary
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to a WEBP_DECODER_ABI_VERSION check.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.546Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/907"
          },
          {
            "name": "102317",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102317"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to a WEBP_DECODER_ABI_VERSION check."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-01T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/907"
        },
        {
          "name": "102317",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102317"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17880",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to a WEBP_DECODER_ABI_VERSION check."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/907",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/907"
            },
            {
              "name": "102317",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102317"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17880",
    "datePublished": "2017-12-24T04:00:00",
    "dateReserved": "2017-12-23T00:00:00",
    "dateUpdated": "2024-08-05T21:06:49.546Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2006-5456
Vulnerability from cvelistv5
Published
2006-10-23 17:00
Modified
2024-08-07 19:48
Severity ?
Summary
Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c.
References
http://secunia.com/advisories/24196third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/4170vdb-entry, x_refsource_VUPEN
http://packages.debian.org/changelogs/pool/main/g/graphicsmagick/graphicsmagick_1.1.7-9/changelog#versionversion1.1.7-9x_refsource_CONFIRM
http://secunia.com/advisories/22572third-party-advisory, x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200611-07.xmlvendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/22601third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/24458third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/452718/100/100/threadedmailing-list, x_refsource_BUGTRAQ
http://secunia.com/advisories/22834third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9765vdb-entry, signature, x_refsource_OVAL
https://exchange.xforce.ibmcloud.com/vulnerabilities/29816vdb-entry, x_refsource_XF
http://secunia.com/advisories/23090third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/24284third-party-advisory, x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-1034x_refsource_CONFIRM
http://www.novell.com/linux/security/advisories/2006_66_imagemagick.htmlvendor-advisory, x_refsource_SUSE
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.352092vendor-advisory, x_refsource_SLACKWARE
http://secunia.com/advisories/22819third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/22604third-party-advisory, x_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2007_3_sr.htmlvendor-advisory, x_refsource_SUSE
http://www.ubuntu.com/usn/usn-422-1vendor-advisory, x_refsource_UBUNTU
http://www.securityfocus.com/archive/1/459507/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://security.gentoo.org/glsa/glsa-200611-19.xmlvendor-advisory, x_refsource_GENTOO
http://www.securityfocus.com/bid/20707vdb-entry, x_refsource_BID
http://secunia.com/advisories/23121third-party-advisory, x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-811x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2007-0015.htmlvendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2006/4171vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/22998third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/24186third-party-advisory, x_refsource_SECUNIA
ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.ascvendor-advisory, x_refsource_SGI
http://www.debian.org/security/2006/dsa-1213vendor-advisory, x_refsource_DEBIAN
http://www.osvdb.org/29990vdb-entry, x_refsource_OSVDB
http://www.ubuntu.com/usn/usn-372-1vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/22569third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:193vendor-advisory, x_refsource_MANDRIVA
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210921x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDKSA-2007:041vendor-advisory, x_refsource_MANDRIVA
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T19:48:30.200Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "24196",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24196"
          },
          {
            "name": "ADV-2006-4170",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/4170"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://packages.debian.org/changelogs/pool/main/g/graphicsmagick/graphicsmagick_1.1.7-9/changelog#versionversion1.1.7-9"
          },
          {
            "name": "22572",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22572"
          },
          {
            "name": "GLSA-200611-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200611-07.xml"
          },
          {
            "name": "22601",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22601"
          },
          {
            "name": "24458",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24458"
          },
          {
            "name": "20061127 rPSA-2006-0218-1 ImageMagick",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/452718/100/100/threaded"
          },
          {
            "name": "22834",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22834"
          },
          {
            "name": "oval:org.mitre.oval:def:9765",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9765"
          },
          {
            "name": "imagemagick-graphicsmagick-palm-bo(29816)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29816"
          },
          {
            "name": "23090",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23090"
          },
          {
            "name": "24284",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24284"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1034"
          },
          {
            "name": "SUSE-SA:2006:066",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2006_66_imagemagick.html"
          },
          {
            "name": "SSA:2007-066-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.352092"
          },
          {
            "name": "22819",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22819"
          },
          {
            "name": "22604",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22604"
          },
          {
            "name": "SUSE-SR:2007:003",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_3_sr.html"
          },
          {
            "name": "USN-422-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-422-1"
          },
          {
            "name": "20070208 rPSA-2007-0029-1 ImageMagick",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/459507/100/0/threaded"
          },
          {
            "name": "GLSA-200611-19",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200611-19.xml"
          },
          {
            "name": "20707",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/20707"
          },
          {
            "name": "23121",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23121"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-811"
          },
          {
            "name": "RHSA-2007:0015",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0015.html"
          },
          {
            "name": "ADV-2006-4171",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/4171"
          },
          {
            "name": "22998",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22998"
          },
          {
            "name": "24186",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24186"
          },
          {
            "name": "20070201-01-P",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc"
          },
          {
            "name": "DSA-1213",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1213"
          },
          {
            "name": "29990",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/29990"
          },
          {
            "name": "USN-372-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-372-1"
          },
          {
            "name": "22569",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22569"
          },
          {
            "name": "MDKSA-2006:193",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:193"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210921"
          },
          {
            "name": "MDKSA-2007:041",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:041"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-10-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-17T20:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "24196",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24196"
        },
        {
          "name": "ADV-2006-4170",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/4170"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://packages.debian.org/changelogs/pool/main/g/graphicsmagick/graphicsmagick_1.1.7-9/changelog#versionversion1.1.7-9"
        },
        {
          "name": "22572",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22572"
        },
        {
          "name": "GLSA-200611-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200611-07.xml"
        },
        {
          "name": "22601",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22601"
        },
        {
          "name": "24458",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24458"
        },
        {
          "name": "20061127 rPSA-2006-0218-1 ImageMagick",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/452718/100/100/threaded"
        },
        {
          "name": "22834",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22834"
        },
        {
          "name": "oval:org.mitre.oval:def:9765",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9765"
        },
        {
          "name": "imagemagick-graphicsmagick-palm-bo(29816)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29816"
        },
        {
          "name": "23090",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23090"
        },
        {
          "name": "24284",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24284"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1034"
        },
        {
          "name": "SUSE-SA:2006:066",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2006_66_imagemagick.html"
        },
        {
          "name": "SSA:2007-066-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.352092"
        },
        {
          "name": "22819",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22819"
        },
        {
          "name": "22604",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22604"
        },
        {
          "name": "SUSE-SR:2007:003",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_3_sr.html"
        },
        {
          "name": "USN-422-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-422-1"
        },
        {
          "name": "20070208 rPSA-2007-0029-1 ImageMagick",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/459507/100/0/threaded"
        },
        {
          "name": "GLSA-200611-19",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200611-19.xml"
        },
        {
          "name": "20707",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/20707"
        },
        {
          "name": "23121",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23121"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-811"
        },
        {
          "name": "RHSA-2007:0015",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0015.html"
        },
        {
          "name": "ADV-2006-4171",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/4171"
        },
        {
          "name": "22998",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22998"
        },
        {
          "name": "24186",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24186"
        },
        {
          "name": "20070201-01-P",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc"
        },
        {
          "name": "DSA-1213",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1213"
        },
        {
          "name": "29990",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/29990"
        },
        {
          "name": "USN-372-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-372-1"
        },
        {
          "name": "22569",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22569"
        },
        {
          "name": "MDKSA-2006:193",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:193"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210921"
        },
        {
          "name": "MDKSA-2007:041",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:041"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2006-5456",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "24196",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24196"
            },
            {
              "name": "ADV-2006-4170",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/4170"
            },
            {
              "name": "http://packages.debian.org/changelogs/pool/main/g/graphicsmagick/graphicsmagick_1.1.7-9/changelog#versionversion1.1.7-9",
              "refsource": "CONFIRM",
              "url": "http://packages.debian.org/changelogs/pool/main/g/graphicsmagick/graphicsmagick_1.1.7-9/changelog#versionversion1.1.7-9"
            },
            {
              "name": "22572",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22572"
            },
            {
              "name": "GLSA-200611-07",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200611-07.xml"
            },
            {
              "name": "22601",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22601"
            },
            {
              "name": "24458",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24458"
            },
            {
              "name": "20061127 rPSA-2006-0218-1 ImageMagick",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/452718/100/100/threaded"
            },
            {
              "name": "22834",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22834"
            },
            {
              "name": "oval:org.mitre.oval:def:9765",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9765"
            },
            {
              "name": "imagemagick-graphicsmagick-palm-bo(29816)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29816"
            },
            {
              "name": "23090",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23090"
            },
            {
              "name": "24284",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24284"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1034",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1034"
            },
            {
              "name": "SUSE-SA:2006:066",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2006_66_imagemagick.html"
            },
            {
              "name": "SSA:2007-066-06",
              "refsource": "SLACKWARE",
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.352092"
            },
            {
              "name": "22819",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22819"
            },
            {
              "name": "22604",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22604"
            },
            {
              "name": "SUSE-SR:2007:003",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_3_sr.html"
            },
            {
              "name": "USN-422-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-422-1"
            },
            {
              "name": "20070208 rPSA-2007-0029-1 ImageMagick",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/459507/100/0/threaded"
            },
            {
              "name": "GLSA-200611-19",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200611-19.xml"
            },
            {
              "name": "20707",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/20707"
            },
            {
              "name": "23121",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23121"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-811",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-811"
            },
            {
              "name": "RHSA-2007:0015",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0015.html"
            },
            {
              "name": "ADV-2006-4171",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/4171"
            },
            {
              "name": "22998",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22998"
            },
            {
              "name": "24186",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24186"
            },
            {
              "name": "20070201-01-P",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc"
            },
            {
              "name": "DSA-1213",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1213"
            },
            {
              "name": "29990",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/29990"
            },
            {
              "name": "USN-372-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-372-1"
            },
            {
              "name": "22569",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22569"
            },
            {
              "name": "MDKSA-2006:193",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:193"
            },
            {
              "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210921",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210921"
            },
            {
              "name": "MDKSA-2007:041",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:041"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2006-5456",
    "datePublished": "2006-10-23T17:00:00",
    "dateReserved": "2006-10-23T00:00:00",
    "dateUpdated": "2024-08-07T19:48:30.200Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14739
Vulnerability from cvelistv5
Published
2017-09-26 02:00
Modified
2024-08-05 19:34
Severity ?
Summary
The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows remote attackers to cause a denial of service (NULL Pointer Dereference in DistortImage in MagickCore/distort.c, and application crash) via unspecified vectors.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:34:40.050Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/780"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows remote attackers to cause a denial of service (NULL Pointer Dereference in DistortImage in MagickCore/distort.c, and application crash) via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:14",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/780"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14739",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows remote attackers to cause a denial of service (NULL Pointer Dereference in DistortImage in MagickCore/distort.c, and application crash) via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/780",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/780"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14739",
    "datePublished": "2017-09-26T02:00:00",
    "dateReserved": "2017-09-25T00:00:00",
    "dateUpdated": "2024-08-05T19:34:40.050Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-5341
Vulnerability from cvelistv5
Published
2023-11-19 09:20
Modified
2024-08-20 16:14
Summary
Imagemagick: heap use-after-free in coders/bmp.c
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-5341",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-01-02T20:55:18.795590Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:28:32.878Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T07:52:08.912Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-5341"
          },
          {
            "name": "RHBZ#2241774",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241774"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/aa673b2e4defc7cad5bec16c4fc8324f71e531f1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00007.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LICYTADFJAFPZW3Y2MKNCJIUYODPAG4L/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YAULDP3GG5KI3XITQ5XSMRSILCBZS2VK/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "ImageMagick",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "ImageMagick",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Hardik shah of Vehere (Dawn Treaders team) for reporting this issue."
        }
      ],
      "datePublic": "2023-10-02T00:00:00+00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A heap use-after-free flaw was found in coders/bmp.c in ImageMagick."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-20T16:14:30.916Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-5341"
        },
        {
          "name": "RHBZ#2241774",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241774"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick/commit/aa673b2e4defc7cad5bec16c4fc8324f71e531f1"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00007.html"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LICYTADFJAFPZW3Y2MKNCJIUYODPAG4L/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YAULDP3GG5KI3XITQ5XSMRSILCBZS2VK/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-10-02T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-10-02T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Imagemagick: heap use-after-free in coders/bmp.c",
      "x_redhatCweChain": "CWE-416: Use After Free"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-5341",
    "datePublished": "2023-11-19T09:20:12.642Z",
    "dateReserved": "2023-10-02T15:57:15.547Z",
    "dateUpdated": "2024-08-20T16:14:30.916Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-8903
Vulnerability from cvelistv5
Published
2017-02-27 22:00
Modified
2024-08-06 08:29
Severity ?
Summary
The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:29:22.099Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26933"
          },
          {
            "name": "[oss-security] 20150226 Requesting CVE for ImageMagick DoS",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/02/26/13"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1195271"
          },
          {
            "name": "[oss-security] 20160606 Re: Requesting CVE for ImageMagick DoS",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/06/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://trac.imagemagick.org/changeset/17856"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-02-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-02-27T21:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26933"
        },
        {
          "name": "[oss-security] 20150226 Requesting CVE for ImageMagick DoS",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/02/26/13"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1195271"
        },
        {
          "name": "[oss-security] 20160606 Re: Requesting CVE for ImageMagick DoS",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/06/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://trac.imagemagick.org/changeset/17856"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8903",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26933",
              "refsource": "CONFIRM",
              "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26933"
            },
            {
              "name": "[oss-security] 20150226 Requesting CVE for ImageMagick DoS",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/02/26/13"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1195271",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1195271"
            },
            {
              "name": "[oss-security] 20160606 Re: Requesting CVE for ImageMagick DoS",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/06/2"
            },
            {
              "name": "http://trac.imagemagick.org/changeset/17856",
              "refsource": "CONFIRM",
              "url": "http://trac.imagemagick.org/changeset/17856"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8903",
    "datePublished": "2017-02-27T22:00:00",
    "dateReserved": "2016-06-05T00:00:00",
    "dateUpdated": "2024-08-06T08:29:22.099Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11639
Vulnerability from cvelistv5
Published
2017-07-26 08:00
Modified
2024-08-05 18:12
Severity ?
Summary
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c, related to the GetPixelLuma function in MagickCore/pixel-accessor.h.
References
https://github.com/ImageMagick/ImageMagick/issues/588x_refsource_CONFIRM
http://www.securityfocus.com/bid/100013vdb-entry, x_refsource_BID
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://www.debian.org/security/2017/dsa-4019vendor-advisory, x_refsource_DEBIAN
https://www.debian.org/security/2018/dsa-4204vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:40.938Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/588"
          },
          {
            "name": "100013",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100013"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "DSA-4019",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4019"
          },
          {
            "name": "DSA-4204",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4204"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c, related to the GetPixelLuma function in MagickCore/pixel-accessor.h."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/588"
        },
        {
          "name": "100013",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100013"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "DSA-4019",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4019"
        },
        {
          "name": "DSA-4204",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4204"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11639",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c, related to the GetPixelLuma function in MagickCore/pixel-accessor.h."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/588",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/588"
            },
            {
              "name": "100013",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100013"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "DSA-4019",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4019"
            },
            {
              "name": "DSA-4204",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4204"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11639",
    "datePublished": "2017-07-26T08:00:00",
    "dateReserved": "2017-07-25T00:00:00",
    "dateUpdated": "2024-08-05T18:12:40.938Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-13144
Vulnerability from cvelistv5
Published
2017-08-23 06:00
Modified
2024-08-05 18:58
Severity ?
Summary
In ImageMagick before 6.9.7-10, there is a crash (rather than a "width or height exceeds limit" error report) if the image dimensions are too large, as demonstrated by use of the mpc coder.
References
https://www.debian.org/security/2017/dsa-4040vendor-advisory, x_refsource_DEBIAN
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://security.gentoo.org/glsa/201711-07vendor-advisory, x_refsource_GENTOO
https://www.debian.org/security/2017/dsa-4019vendor-advisory, x_refsource_DEBIAN
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=31438x_refsource_CONFIRM
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869728x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:12.299Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-4040",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4040"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "name": "DSA-4019",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4019"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=31438"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869728"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick before 6.9.7-10, there is a crash (rather than a \"width or height exceeds limit\" error report) if the image dimensions are too large, as demonstrated by use of the mpc coder."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-4040",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4040"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "name": "DSA-4019",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4019"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=31438"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869728"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-13144",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick before 6.9.7-10, there is a crash (rather than a \"width or height exceeds limit\" error report) if the image dimensions are too large, as demonstrated by use of the mpc coder."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-4040",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4040"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "DSA-4019",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4019"
            },
            {
              "name": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=31438",
              "refsource": "CONFIRM",
              "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=31438"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869728",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869728"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-13144",
    "datePublished": "2017-08-23T06:00:00",
    "dateReserved": "2017-08-23T00:00:00",
    "dateUpdated": "2024-08-05T18:58:12.299Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27769
Vulnerability from cvelistv5
Published
2021-05-14 00:00
Modified
2024-08-04 16:18
Severity ?
Summary
In ImageMagick versions before 7.0.9-0, there are outside the range of representable values of type 'float' at MagickCore/quantize.c.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.696Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894690"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick versions before 7.0.9-0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick versions before 7.0.9-0, there are outside the range of representable values of type \u0027float\u0027 at MagickCore/quantize.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894690"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27769",
    "datePublished": "2021-05-14T00:00:00",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.696Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27771
Vulnerability from cvelistv5
Published
2020-12-04 00:00
Modified
2024-08-04 16:18
Severity ?
Summary
In RestoreMSCWarning() of /coders/pdf.c there are several areas where calls to GetPixelIndex() could result in values outside the range of representable for the unsigned char type. The patch casts the return value of GetPixelIndex() to ssize_t type to avoid this bug. This undefined behavior could be triggered when ImageMagick processes a crafted pdf file. Red Hat Product Security marked this as Low severity because although it could potentially lead to an impact to application availability, no specific impact was demonstrated in this case. This flaw affects ImageMagick versions prior to 7.0.9-0.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.612Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898290"
          },
          {
            "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 7.0.9-0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In RestoreMSCWarning() of /coders/pdf.c there are several areas where calls to GetPixelIndex() could result in values outside the range of representable for the unsigned char type. The patch casts the return value of GetPixelIndex() to ssize_t type to avoid this bug. This undefined behavior could be triggered when ImageMagick processes a crafted pdf file. Red Hat Product Security marked this as Low severity because although it could potentially lead to an impact to application availability, no specific impact was demonstrated in this case. This flaw affects ImageMagick versions prior to 7.0.9-0."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898290"
        },
        {
          "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27771",
    "datePublished": "2020-12-04T00:00:00",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.612Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-18016
Vulnerability from cvelistv5
Published
2018-10-05 17:00
Modified
2024-08-05 11:01
Severity ?
Summary
ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePCXImage in coders/pcx.c.
References
https://github.com/ImageMagick/ImageMagick/issues/1049x_refsource_MISC
https://usn.ubuntu.com/4034-1/vendor-advisory, x_refsource_UBUNTU
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T11:01:14.819Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1049"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-10-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePCXImage in coders/pcx.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-06-25T14:06:14",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1049"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-18016",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePCXImage in coders/pcx.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1049",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1049"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-18016",
    "datePublished": "2018-10-05T17:00:00",
    "dateReserved": "2018-10-05T00:00:00",
    "dateUpdated": "2024-08-05T11:01:14.819Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11724
Vulnerability from cvelistv5
Published
2017-07-29 05:00
Modified
2024-08-05 18:19
Severity ?
Summary
The ReadMATImage function in coders/mat.c in ImageMagick through 6.9.9-3 and 7.x through 7.0.6-3 has memory leaks involving the quantum_info and clone_info data structures.
References
https://security.gentoo.org/glsa/201711-07vendor-advisory, x_refsource_GENTOO
https://github.com/ImageMagick/ImageMagick/issues/624x_refsource_CONFIRM
http://www.securityfocus.com/bid/104597vdb-entry, x_refsource_BID
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:19:38.376Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/624"
          },
          {
            "name": "104597",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104597"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadMATImage function in coders/mat.c in ImageMagick through 6.9.9-3 and 7.x through 7.0.6-3 has memory leaks involving the quantum_info and clone_info data structures."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-07-04T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/624"
        },
        {
          "name": "104597",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104597"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11724",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadMATImage function in coders/mat.c in ImageMagick through 6.9.9-3 and 7.x through 7.0.6-3 has memory leaks involving the quantum_info and clone_info data structures."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/624",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/624"
            },
            {
              "name": "104597",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104597"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11724",
    "datePublished": "2017-07-29T05:00:00",
    "dateReserved": "2017-07-28T00:00:00",
    "dateUpdated": "2024-08-05T18:19:38.376Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27764
Vulnerability from cvelistv5
Published
2020-12-03 00:00
Modified
2024-08-04 16:18
Severity ?
Summary
In /MagickCore/statistic.c, there are several areas in ApplyEvaluateOperator() where a size_t cast should have been a ssize_t cast, which causes out-of-range values under some circumstances when a crafted input file is processed by ImageMagick. Red Hat Product Security marked this as Low severity because although it could potentially lead to an impact to application availability, no specific impact was shown in this case. This flaw affects ImageMagick versions prior to 6.9.10-69.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.664Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894683"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/3e21bc8a58b4ae38d24c7e283837cc279f35b6a5"
          },
          {
            "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 6.9.10-69"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In /MagickCore/statistic.c, there are several areas in ApplyEvaluateOperator() where a size_t cast should have been a ssize_t cast, which causes out-of-range values under some circumstances when a crafted input file is processed by ImageMagick. Red Hat Product Security marked this as Low severity because although it could potentially lead to an impact to application availability, no specific impact was shown in this case. This flaw affects ImageMagick versions prior to 6.9.10-69."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894683"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/3e21bc8a58b4ae38d24c7e283837cc279f35b6a5"
        },
        {
          "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27764",
    "datePublished": "2020-12-03T00:00:00",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.664Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9808
Vulnerability from cvelistv5
Published
2017-03-30 15:00
Modified
2024-08-06 13:55
Severity ?
Summary
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted dpc image.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.632Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343464"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=82f779cbc24045af2eaecb95d0842ca7b97c71f4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted dpc image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-30T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343464"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=82f779cbc24045af2eaecb95d0842ca7b97c71f4"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9808",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted dpc image."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343464",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343464"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=82f779cbc24045af2eaecb95d0842ca7b97c71f4",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=82f779cbc24045af2eaecb95d0842ca7b97c71f4"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9808",
    "datePublished": "2017-03-30T15:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.632Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11505
Vulnerability from cvelistv5
Published
2017-07-21 16:00
Modified
2024-08-05 18:12
Severity ?
Summary
The ReadOneJNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a malformed JNG file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:40.272Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867824"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/526"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadOneJNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a malformed JNG file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-21T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867824"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/526"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11505",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadOneJNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a malformed JNG file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867824",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867824"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/526",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/526"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11505",
    "datePublished": "2017-07-21T16:00:00",
    "dateReserved": "2017-07-21T00:00:00",
    "dateUpdated": "2024-08-05T18:12:40.272Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-17883
Vulnerability from cvelistv5
Published
2017-12-24 04:00
Modified
2024-09-16 22:35
Severity ?
Summary
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPGXImage in coders/pgx.c, which allows attackers to cause a denial of service via a crafted PGX image file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.562Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/877"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPGXImage in coders/pgx.c, which allows attackers to cause a denial of service via a crafted PGX image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-24T04:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/877"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17883",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPGXImage in coders/pgx.c, which allows attackers to cause a denial of service via a crafted PGX image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/877",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/877"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17883",
    "datePublished": "2017-12-24T04:00:00Z",
    "dateReserved": "2017-12-23T00:00:00Z",
    "dateUpdated": "2024-09-16T22:35:20.624Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-0247
Vulnerability from cvelistv5
Published
2012-06-05 22:00
Modified
2024-08-06 18:16
Severity ?
Summary
ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0 of an image.
References
http://www.gentoo.org/security/en/glsa/glsa-201203-09.xmlvendor-advisory, x_refsource_GENTOO
http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20286x_refsource_CONFIRM
http://secunia.com/advisories/49068third-party-advisory, x_refsource_SECUNIA
http://www.cert.fi/en/reports/2012/vulnerability595210.htmlx_refsource_MISC
http://secunia.com/advisories/48259third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/49043third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/49063third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2012/dsa-2427vendor-advisory, x_refsource_DEBIAN
http://rhn.redhat.com/errata/RHSA-2012-0544.htmlvendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/47926third-party-advisory, x_refsource_SECUNIA
http://ubuntu.com/usn/usn-1435-1vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/48247third-party-advisory, x_refsource_SECUNIA
http://www.osvdb.org/79003vdb-entry, x_refsource_OSVDB
http://www.securitytracker.com/id?1027032vdb-entry, x_refsource_SECTRACK
http://rhn.redhat.com/errata/RHSA-2012-0545.htmlvendor-advisory, x_refsource_REDHAT
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T18:16:19.847Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201203-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-09.xml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=20286"
          },
          {
            "name": "49068",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49068"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.cert.fi/en/reports/2012/vulnerability595210.html"
          },
          {
            "name": "48259",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48259"
          },
          {
            "name": "49043",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49043"
          },
          {
            "name": "49063",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49063"
          },
          {
            "name": "DSA-2427",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2427"
          },
          {
            "name": "RHSA-2012:0544",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0544.html"
          },
          {
            "name": "47926",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/47926"
          },
          {
            "name": "USN-1435-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-1435-1"
          },
          {
            "name": "48247",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48247"
          },
          {
            "name": "79003",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/79003"
          },
          {
            "name": "1027032",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1027032"
          },
          {
            "name": "RHSA-2012:0545",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0545.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-02-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0 of an image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2012-11-27T10:00:00",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "GLSA-201203-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-09.xml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=20286"
        },
        {
          "name": "49068",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49068"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.cert.fi/en/reports/2012/vulnerability595210.html"
        },
        {
          "name": "48259",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48259"
        },
        {
          "name": "49043",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49043"
        },
        {
          "name": "49063",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49063"
        },
        {
          "name": "DSA-2427",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2427"
        },
        {
          "name": "RHSA-2012:0544",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-0544.html"
        },
        {
          "name": "47926",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/47926"
        },
        {
          "name": "USN-1435-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-1435-1"
        },
        {
          "name": "48247",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48247"
        },
        {
          "name": "79003",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/79003"
        },
        {
          "name": "1027032",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1027032"
        },
        {
          "name": "RHSA-2012:0545",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-0545.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2012-0247",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0 of an image."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-201203-09",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-09.xml"
            },
            {
              "name": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=20286",
              "refsource": "CONFIRM",
              "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=20286"
            },
            {
              "name": "49068",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/49068"
            },
            {
              "name": "http://www.cert.fi/en/reports/2012/vulnerability595210.html",
              "refsource": "MISC",
              "url": "http://www.cert.fi/en/reports/2012/vulnerability595210.html"
            },
            {
              "name": "48259",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48259"
            },
            {
              "name": "49043",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/49043"
            },
            {
              "name": "49063",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/49063"
            },
            {
              "name": "DSA-2427",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2427"
            },
            {
              "name": "RHSA-2012:0544",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0544.html"
            },
            {
              "name": "47926",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/47926"
            },
            {
              "name": "USN-1435-1",
              "refsource": "UBUNTU",
              "url": "http://ubuntu.com/usn/usn-1435-1"
            },
            {
              "name": "48247",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48247"
            },
            {
              "name": "79003",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/79003"
            },
            {
              "name": "1027032",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1027032"
            },
            {
              "name": "RHSA-2012:0545",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0545.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2012-0247",
    "datePublished": "2012-06-05T22:00:00",
    "dateReserved": "2011-12-21T00:00:00",
    "dateUpdated": "2024-08-06T18:16:19.847Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9833
Vulnerability from cvelistv5
Published
2017-03-22 14:00
Modified
2024-08-06 13:55
Severity ?
Summary
Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file.
References
http://www.openwall.com/lists/oss-security/2016/06/02/13mailing-list, x_refsource_MLIST
http://www.openwall.com/lists/oss-security/2014/12/24/1mailing-list, x_refsource_MLIST
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.581Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-22T11:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9833",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9833",
    "datePublished": "2017-03-22T14:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.581Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11450
Vulnerability from cvelistv5
Published
2017-07-19 07:00
Modified
2024-08-05 18:12
Severity ?
Summary
coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:39.888Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/CVE-2017-11450"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/556"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/948356eec65aea91995d4b7cc487d197d2c5f602"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867894"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-19T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security-tracker.debian.org/tracker/CVE-2017-11450"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/556"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/948356eec65aea91995d4b7cc487d197d2c5f602"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867894"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11450",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security-tracker.debian.org/tracker/CVE-2017-11450",
              "refsource": "CONFIRM",
              "url": "https://security-tracker.debian.org/tracker/CVE-2017-11450"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/556",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/556"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/948356eec65aea91995d4b7cc487d197d2c5f602",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/948356eec65aea91995d4b7cc487d197d2c5f602"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867894",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867894"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11450",
    "datePublished": "2017-07-19T07:00:00",
    "dateReserved": "2017-07-19T00:00:00",
    "dateUpdated": "2024-08-05T18:12:39.888Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14325
Vulnerability from cvelistv5
Published
2017-09-12 08:00
Modified
2024-08-05 19:20
Severity ?
Summary
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function PersistPixelCache in magick/cache.c, which allows attackers to cause a denial of service (memory consumption in ReadMPCImage in coders/mpc.c) via a crafted file.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/741x_refsource_CONFIRM
http://www.securityfocus.com/bid/100874vdb-entry, x_refsource_BID
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:20:41.516Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/741"
          },
          {
            "name": "100874",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100874"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function PersistPixelCache in magick/cache.c, which allows attackers to cause a denial of service (memory consumption in ReadMPCImage in coders/mpc.c) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/741"
        },
        {
          "name": "100874",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100874"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14325",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function PersistPixelCache in magick/cache.c, which allows attackers to cause a denial of service (memory consumption in ReadMPCImage in coders/mpc.c) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/741",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/741"
            },
            {
              "name": "100874",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100874"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14325",
    "datePublished": "2017-09-12T08:00:00",
    "dateReserved": "2017-09-12T00:00:00",
    "dateUpdated": "2024-08-05T19:20:41.516Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-0770
Vulnerability from cvelistv5
Published
2007-02-12 20:00
Modified
2024-08-07 12:34
Severity ?
Summary
Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. NOTE: this issue is due to an incomplete patch for CVE-2006-5456.
References
http://secunia.com/advisories/24196third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/24167third-party-advisory, x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-1034x_refsource_CONFIRM
http://www.novell.com/linux/security/advisories/2007_3_sr.htmlvendor-advisory, x_refsource_SUSE
http://www.ubuntu.com/usn/usn-422-1vendor-advisory, x_refsource_UBUNTU
http://www.securityfocus.com/archive/1/459507/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://www.osvdb.org/31911vdb-entry, x_refsource_OSVDB
http://www.mandriva.com/security/advisories?name=MDKSA-2007:041vendor-advisory, x_refsource_MANDRIVA
http://www.debian.org/security/2007/dsa-1260vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T12:34:19.793Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "24196",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24196"
          },
          {
            "name": "24167",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24167"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1034"
          },
          {
            "name": "SUSE-SR:2007:003",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_3_sr.html"
          },
          {
            "name": "USN-422-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-422-1"
          },
          {
            "name": "20070208 rPSA-2007-0029-1 ImageMagick",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/459507/100/0/threaded"
          },
          {
            "name": "31911",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/31911"
          },
          {
            "name": "MDKSA-2007:041",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:041"
          },
          {
            "name": "DSA-1260",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1260"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-02-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. NOTE: this issue is due to an incomplete patch for CVE-2006-5456."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "24196",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24196"
        },
        {
          "name": "24167",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24167"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1034"
        },
        {
          "name": "SUSE-SR:2007:003",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_3_sr.html"
        },
        {
          "name": "USN-422-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-422-1"
        },
        {
          "name": "20070208 rPSA-2007-0029-1 ImageMagick",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/459507/100/0/threaded"
        },
        {
          "name": "31911",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/31911"
        },
        {
          "name": "MDKSA-2007:041",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:041"
        },
        {
          "name": "DSA-1260",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1260"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-0770",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. NOTE: this issue is due to an incomplete patch for CVE-2006-5456."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "24196",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24196"
            },
            {
              "name": "24167",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24167"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1034",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1034"
            },
            {
              "name": "SUSE-SR:2007:003",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_3_sr.html"
            },
            {
              "name": "USN-422-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-422-1"
            },
            {
              "name": "20070208 rPSA-2007-0029-1 ImageMagick",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/459507/100/0/threaded"
            },
            {
              "name": "31911",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/31911"
            },
            {
              "name": "MDKSA-2007:041",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:041"
            },
            {
              "name": "DSA-1260",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2007/dsa-1260"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-0770",
    "datePublished": "2007-02-12T20:00:00",
    "dateReserved": "2007-02-06T00:00:00",
    "dateUpdated": "2024-08-07T12:34:19.793Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-4986
Vulnerability from cvelistv5
Published
2007-09-24 22:00
Modified
2024-08-07 15:17
Severity ?
Summary
Multiple integer overflows in ImageMagick before 6.3.5-9 allow context-dependent attackers to execute arbitrary code via a crafted (1) .dcm, (2) .dib, (3) .xbm, (4) .xcf, or (5) .xwd image file, which triggers a heap-based buffer overflow.
References
http://secunia.com/advisories/27364third-party-advisory, x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/36738vdb-entry, x_refsource_XF
http://secunia.com/advisories/29857third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2008-0145.htmlvendor-advisory, x_refsource_REDHAT
http://www.securityfocus.com/archive/1/483572/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://www.ubuntu.com/usn/usn-523-1vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/27309third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/29786third-party-advisory, x_refsource_SECUNIA
http://www.imagemagick.org/script/changelog.phpx_refsource_CONFIRM
http://www.vupen.com/english/advisories/2007/3245vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/35316third-party-advisory, x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200710-27.xmlvendor-advisory, x_refsource_GENTOO
http://www.securitytracker.com/id?1018729vdb-entry, x_refsource_SECTRACK
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9963vdb-entry, signature, x_refsource_OVAL
http://secunia.com/advisories/27048third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2008-0165.htmlvendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/28721third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27439third-party-advisory, x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-1743x_refsource_CONFIRM
http://www.debian.org/security/2009/dsa-1858vendor-advisory, x_refsource_DEBIAN
http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.htmlmailing-list, x_refsource_MLIST
http://secunia.com/advisories/26926third-party-advisory, x_refsource_SECUNIA
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=594third-party-advisory, x_refsource_IDEFENSE
http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035vendor-advisory, x_refsource_MANDRIVA
http://www.securityfocus.com/bid/25763vdb-entry, x_refsource_BID
http://bugs.gentoo.org/show_bug.cgi?id=186030x_refsource_CONFIRM
http://www.novell.com/linux/security/advisories/2007_23_sr.htmlvendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/36260third-party-advisory, x_refsource_SECUNIA
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:17:27.996Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "27364",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27364"
          },
          {
            "name": "imagemagick-multiplefunctions-bo(36738)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36738"
          },
          {
            "name": "29857",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29857"
          },
          {
            "name": "RHSA-2008:0145",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0145.html"
          },
          {
            "name": "20071112 FLEA-2007-0066-1 ImageMagick",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/483572/100/0/threaded"
          },
          {
            "name": "USN-523-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-523-1"
          },
          {
            "name": "27309",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27309"
          },
          {
            "name": "29786",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29786"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/script/changelog.php"
          },
          {
            "name": "ADV-2007-3245",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3245"
          },
          {
            "name": "35316",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35316"
          },
          {
            "name": "GLSA-200710-27",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200710-27.xml"
          },
          {
            "name": "1018729",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018729"
          },
          {
            "name": "oval:org.mitre.oval:def:9963",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9963"
          },
          {
            "name": "27048",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27048"
          },
          {
            "name": "RHSA-2008:0165",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0165.html"
          },
          {
            "name": "28721",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28721"
          },
          {
            "name": "27439",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27439"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1743"
          },
          {
            "name": "DSA-1858",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1858"
          },
          {
            "name": "[Magick-announce] 20070917 ImageMagick 6.3.5-9, important security updates",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html"
          },
          {
            "name": "26926",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26926"
          },
          {
            "name": "20070919 Multiple Vendor ImageMagick Multiple Integer Overflow Vulnerabilities",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=594"
          },
          {
            "name": "MDVSA-2008:035",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035"
          },
          {
            "name": "25763",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/25763"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=186030"
          },
          {
            "name": "SUSE-SR:2007:023",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_23_sr.html"
          },
          {
            "name": "36260",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36260"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-09-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple integer overflows in ImageMagick before 6.3.5-9 allow context-dependent attackers to execute arbitrary code via a crafted (1) .dcm, (2) .dib, (3) .xbm, (4) .xcf, or (5) .xwd image file, which triggers a heap-based buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "27364",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27364"
        },
        {
          "name": "imagemagick-multiplefunctions-bo(36738)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36738"
        },
        {
          "name": "29857",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29857"
        },
        {
          "name": "RHSA-2008:0145",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0145.html"
        },
        {
          "name": "20071112 FLEA-2007-0066-1 ImageMagick",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/483572/100/0/threaded"
        },
        {
          "name": "USN-523-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-523-1"
        },
        {
          "name": "27309",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27309"
        },
        {
          "name": "29786",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29786"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.imagemagick.org/script/changelog.php"
        },
        {
          "name": "ADV-2007-3245",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3245"
        },
        {
          "name": "35316",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35316"
        },
        {
          "name": "GLSA-200710-27",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200710-27.xml"
        },
        {
          "name": "1018729",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018729"
        },
        {
          "name": "oval:org.mitre.oval:def:9963",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9963"
        },
        {
          "name": "27048",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27048"
        },
        {
          "name": "RHSA-2008:0165",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0165.html"
        },
        {
          "name": "28721",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28721"
        },
        {
          "name": "27439",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27439"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1743"
        },
        {
          "name": "DSA-1858",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1858"
        },
        {
          "name": "[Magick-announce] 20070917 ImageMagick 6.3.5-9, important security updates",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html"
        },
        {
          "name": "26926",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26926"
        },
        {
          "name": "20070919 Multiple Vendor ImageMagick Multiple Integer Overflow Vulnerabilities",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=594"
        },
        {
          "name": "MDVSA-2008:035",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035"
        },
        {
          "name": "25763",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/25763"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=186030"
        },
        {
          "name": "SUSE-SR:2007:023",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_23_sr.html"
        },
        {
          "name": "36260",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36260"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-4986",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple integer overflows in ImageMagick before 6.3.5-9 allow context-dependent attackers to execute arbitrary code via a crafted (1) .dcm, (2) .dib, (3) .xbm, (4) .xcf, or (5) .xwd image file, which triggers a heap-based buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "27364",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27364"
            },
            {
              "name": "imagemagick-multiplefunctions-bo(36738)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36738"
            },
            {
              "name": "29857",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29857"
            },
            {
              "name": "RHSA-2008:0145",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0145.html"
            },
            {
              "name": "20071112 FLEA-2007-0066-1 ImageMagick",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/483572/100/0/threaded"
            },
            {
              "name": "USN-523-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-523-1"
            },
            {
              "name": "27309",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27309"
            },
            {
              "name": "29786",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29786"
            },
            {
              "name": "http://www.imagemagick.org/script/changelog.php",
              "refsource": "CONFIRM",
              "url": "http://www.imagemagick.org/script/changelog.php"
            },
            {
              "name": "ADV-2007-3245",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3245"
            },
            {
              "name": "35316",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35316"
            },
            {
              "name": "GLSA-200710-27",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200710-27.xml"
            },
            {
              "name": "1018729",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018729"
            },
            {
              "name": "oval:org.mitre.oval:def:9963",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9963"
            },
            {
              "name": "27048",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27048"
            },
            {
              "name": "RHSA-2008:0165",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0165.html"
            },
            {
              "name": "28721",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28721"
            },
            {
              "name": "27439",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27439"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1743",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1743"
            },
            {
              "name": "DSA-1858",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1858"
            },
            {
              "name": "[Magick-announce] 20070917 ImageMagick 6.3.5-9, important security updates",
              "refsource": "MLIST",
              "url": "http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html"
            },
            {
              "name": "26926",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26926"
            },
            {
              "name": "20070919 Multiple Vendor ImageMagick Multiple Integer Overflow Vulnerabilities",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=594"
            },
            {
              "name": "MDVSA-2008:035",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035"
            },
            {
              "name": "25763",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/25763"
            },
            {
              "name": "http://bugs.gentoo.org/show_bug.cgi?id=186030",
              "refsource": "CONFIRM",
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=186030"
            },
            {
              "name": "SUSE-SR:2007:023",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_23_sr.html"
            },
            {
              "name": "36260",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36260"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-4986",
    "datePublished": "2007-09-24T22:00:00",
    "dateReserved": "2007-09-19T00:00:00",
    "dateUpdated": "2024-08-07T15:17:27.996Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-5506
Vulnerability from cvelistv5
Published
2017-03-24 15:00
Modified
2024-08-05 15:04
Severity ?
Summary
Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:04:15.043Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2017/01/16/6"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851383"
          },
          {
            "name": "GLSA-201702-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201702-09"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/354"
          },
          {
            "name": "95753",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95753"
          },
          {
            "name": "DSA-3799",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3799"
          },
          {
            "name": "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2017/01/17/5"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/9a069e0f2e027ec5138f998023cf9cb62c04889f"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-01-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-07T18:58:53",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2017/01/16/6"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851383"
        },
        {
          "name": "GLSA-201702-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201702-09"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/354"
        },
        {
          "name": "95753",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95753"
        },
        {
          "name": "DSA-3799",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3799"
        },
        {
          "name": "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2017/01/17/5"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/9a069e0f2e027ec5138f998023cf9cb62c04889f"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2017-5506",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2017/01/16/6"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851383",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851383"
            },
            {
              "name": "GLSA-201702-09",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201702-09"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/354",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/354"
            },
            {
              "name": "95753",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95753"
            },
            {
              "name": "DSA-3799",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3799"
            },
            {
              "name": "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2017/01/17/5"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/9a069e0f2e027ec5138f998023cf9cb62c04889f",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/9a069e0f2e027ec5138f998023cf9cb62c04889f"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2017-5506",
    "datePublished": "2017-03-24T15:00:00",
    "dateReserved": "2017-01-16T00:00:00",
    "dateUpdated": "2024-08-05T15:04:15.043Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-8677
Vulnerability from cvelistv5
Published
2017-02-15 21:00
Modified
2024-08-06 02:27
Severity ?
Summary
The AcquireQuantumPixels function in MagickCore/quantum.c in ImageMagick before 7.0.3-1 allows remote attackers to have unspecified impact via a crafted image file, which triggers a memory allocation failure.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:27:41.332Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20161015 Re: imagemagick: memory allocate failure in AcquireQuantumPixels (quantum.c)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/10/16/1"
          },
          {
            "name": "openSUSE-SU-2016:2671",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2016-10/msg00107.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://blogs.gentoo.org/ago/2016/10/07/imagemagick-memory-allocate-failure-in-acquirequantumpixels-quantum-c/"
          },
          {
            "name": "93598",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93598"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/268"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1385698"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/6e48aa92ff4e6e95424300ecd52a9ea453c19c60"
          },
          {
            "name": "DSA-3726",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3726"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-10-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The AcquireQuantumPixels function in MagickCore/quantum.c in ImageMagick before 7.0.3-1 allows remote attackers to have unspecified impact via a crafted image file, which triggers a memory allocation failure."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-02-15T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20161015 Re: imagemagick: memory allocate failure in AcquireQuantumPixels (quantum.c)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/10/16/1"
        },
        {
          "name": "openSUSE-SU-2016:2671",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2016-10/msg00107.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://blogs.gentoo.org/ago/2016/10/07/imagemagick-memory-allocate-failure-in-acquirequantumpixels-quantum-c/"
        },
        {
          "name": "93598",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93598"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/268"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1385698"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/6e48aa92ff4e6e95424300ecd52a9ea453c19c60"
        },
        {
          "name": "DSA-3726",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3726"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-8677",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The AcquireQuantumPixels function in MagickCore/quantum.c in ImageMagick before 7.0.3-1 allows remote attackers to have unspecified impact via a crafted image file, which triggers a memory allocation failure."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20161015 Re: imagemagick: memory allocate failure in AcquireQuantumPixels (quantum.c)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/10/16/1"
            },
            {
              "name": "openSUSE-SU-2016:2671",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2016-10/msg00107.html"
            },
            {
              "name": "https://blogs.gentoo.org/ago/2016/10/07/imagemagick-memory-allocate-failure-in-acquirequantumpixels-quantum-c/",
              "refsource": "MISC",
              "url": "https://blogs.gentoo.org/ago/2016/10/07/imagemagick-memory-allocate-failure-in-acquirequantumpixels-quantum-c/"
            },
            {
              "name": "93598",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93598"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/268",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/268"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1385698",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1385698"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/6e48aa92ff4e6e95424300ecd52a9ea453c19c60",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/6e48aa92ff4e6e95424300ecd52a9ea453c19c60"
            },
            {
              "name": "DSA-3726",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3726"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-8677",
    "datePublished": "2017-02-15T21:00:00",
    "dateReserved": "2016-10-15T00:00:00",
    "dateUpdated": "2024-08-06T02:27:41.332Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9837
Vulnerability from cvelistv5
Published
2017-04-11 19:00
Modified
2024-08-06 13:55
Severity ?
Summary
coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.467Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26682"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=7a7119c6fe19324ee17b8f756dae60c16e470ab2"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-10-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-11T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26682"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=7a7119c6fe19324ee17b8f756dae60c16e470ab2"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9837",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26682",
              "refsource": "MISC",
              "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26682"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=7a7119c6fe19324ee17b8f756dae60c16e470ab2",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=7a7119c6fe19324ee17b8f756dae60c16e470ab2"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9837",
    "datePublished": "2017-04-11T19:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.467Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-20246
Vulnerability from cvelistv5
Published
2021-03-09 00:00
Modified
2024-08-03 17:37
Severity ?
Summary
A flaw was found in ImageMagick in MagickCore/resample.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:37:23.162Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928941"
          },
          {
            "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
          },
          {
            "name": "[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 6.9.11-62, ImageMagick 7.0.10-62"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in ImageMagick in MagickCore/resample.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-369",
              "description": "CWE-369",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-22T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928941"
        },
        {
          "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
        },
        {
          "name": "[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2021-20246",
    "datePublished": "2021-03-09T00:00:00",
    "dateReserved": "2020-12-17T00:00:00",
    "dateUpdated": "2024-08-03T17:37:23.162Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14626
Vulnerability from cvelistv5
Published
2017-09-21 05:00
Modified
2024-08-05 19:34
Severity ?
Summary
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:34:39.118Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/720"
          },
          {
            "name": "100943",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100943"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/721"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:29",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/720"
        },
        {
          "name": "100943",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100943"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/721"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14626",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/720",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/720"
            },
            {
              "name": "100943",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100943"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/721",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/721"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14626",
    "datePublished": "2017-09-21T05:00:00",
    "dateReserved": "2017-09-21T00:00:00",
    "dateUpdated": "2024-08-05T19:34:39.118Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-6501
Vulnerability from cvelistv5
Published
2017-03-06 02:00
Modified
2024-08-05 15:33
Severity ?
Summary
An issue was discovered in ImageMagick 6.9.7. A specially crafted xcf file could lead to a NULL pointer dereference.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:33:20.139Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/d31fec57e9dfb0516deead2053a856e3c71e9751"
          },
          {
            "name": "96589",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/96589"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/856881"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-03-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in ImageMagick 6.9.7. A specially crafted xcf file could lead to a NULL pointer dereference."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-07T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/d31fec57e9dfb0516deead2053a856e3c71e9751"
        },
        {
          "name": "96589",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/96589"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/856881"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-6501",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in ImageMagick 6.9.7. A specially crafted xcf file could lead to a NULL pointer dereference."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/d31fec57e9dfb0516deead2053a856e3c71e9751",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/d31fec57e9dfb0516deead2053a856e3c71e9751"
            },
            {
              "name": "96589",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/96589"
            },
            {
              "name": "https://bugs.debian.org/856881",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/856881"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-6501",
    "datePublished": "2017-03-06T02:00:00",
    "dateReserved": "2017-03-05T00:00:00",
    "dateUpdated": "2024-08-05T15:33:20.139Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-16749
Vulnerability from cvelistv5
Published
2018-09-09 15:00
Modified
2024-08-05 10:32
Severity ?
Summary
In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T10:32:53.980Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/1007b98f8795ad4bea6bc5f68a32d83e982fdae4"
          },
          {
            "name": "[debian-lts-announce] 20181003 [SECURITY] [DLA 1530-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00002.html"
          },
          {
            "name": "USN-3785-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3785-1/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1119"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-09-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:22",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/1007b98f8795ad4bea6bc5f68a32d83e982fdae4"
        },
        {
          "name": "[debian-lts-announce] 20181003 [SECURITY] [DLA 1530-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00002.html"
        },
        {
          "name": "USN-3785-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3785-1/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1119"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-16749",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick6/commit/1007b98f8795ad4bea6bc5f68a32d83e982fdae4",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick6/commit/1007b98f8795ad4bea6bc5f68a32d83e982fdae4"
            },
            {
              "name": "[debian-lts-announce] 20181003 [SECURITY] [DLA 1530-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00002.html"
            },
            {
              "name": "USN-3785-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3785-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1119",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1119"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-16749",
    "datePublished": "2018-09-09T15:00:00",
    "dateReserved": "2018-09-09T00:00:00",
    "dateUpdated": "2024-08-05T10:32:53.980Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-8344
Vulnerability from cvelistv5
Published
2017-04-30 17:00
Modified
2024-08-05 16:34
Severity ?
Summary
In ImageMagick 7.0.5-5, the ReadPCXImage function in pcx.c allows attackers to cause a denial of service (memory leak) via a crafted file.
References
https://github.com/ImageMagick/ImageMagick/issues/446x_refsource_CONFIRM
http://www.securityfocus.com/bid/98136vdb-entry, x_refsource_BID
http://www.debian.org/security/2017/dsa-3863vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:34:22.480Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/446"
          },
          {
            "name": "98136",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98136"
          },
          {
            "name": "DSA-3863",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3863"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-04-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-5, the ReadPCXImage function in pcx.c allows attackers to cause a denial of service (memory leak) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/446"
        },
        {
          "name": "98136",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98136"
        },
        {
          "name": "DSA-3863",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3863"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-8344",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-5, the ReadPCXImage function in pcx.c allows attackers to cause a denial of service (memory leak) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/446",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/446"
            },
            {
              "name": "98136",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98136"
            },
            {
              "name": "DSA-3863",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3863"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-8344",
    "datePublished": "2017-04-30T17:00:00",
    "dateReserved": "2017-04-30T00:00:00",
    "dateUpdated": "2024-08-05T16:34:22.480Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-1115
Vulnerability from cvelistv5
Published
2022-08-29 14:03
Modified
2024-08-02 23:55
Severity ?
Summary
A heap-buffer-overflow flaw was found in ImageMagick’s PushShortPixel() function of quantum-private.h file. This vulnerability is triggered when an attacker passes a specially crafted TIFF image file to ImageMagick for conversion, potentially leading to a denial of service.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:55:23.492Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2067022"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/4974"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/1f860f52bd8d58737ad883072203391096b30b51"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/c8718305f120293d8bf13724f12eed885d830b09"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2022-1115"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in ImageMagick6 v6.9.12-44, ImageMagick7 v7.1.0-29"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A heap-buffer-overflow flaw was found in ImageMagick\u2019s PushShortPixel() function of quantum-private.h file. This vulnerability is triggered when an attacker passes a specially crafted TIFF image file to ImageMagick for conversion, potentially leading to a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer.",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-29T14:03:06",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2067022"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/4974"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/1f860f52bd8d58737ad883072203391096b30b51"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/c8718305f120293d8bf13724f12eed885d830b09"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2022-1115"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2022-1115",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ImageMagick",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Fixed in ImageMagick6 v6.9.12-44, ImageMagick7 v7.1.0-29"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A heap-buffer-overflow flaw was found in ImageMagick\u2019s PushShortPixel() function of quantum-private.h file. This vulnerability is triggered when an attacker passes a specially crafted TIFF image file to ImageMagick for conversion, potentially leading to a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer."
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2067022",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2067022"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/4974",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/4974"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick6/commit/1f860f52bd8d58737ad883072203391096b30b51",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick6/commit/1f860f52bd8d58737ad883072203391096b30b51"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/c8718305f120293d8bf13724f12eed885d830b09",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/c8718305f120293d8bf13724f12eed885d830b09"
            },
            {
              "name": "https://access.redhat.com/security/cve/CVE-2022-1115",
              "refsource": "MISC",
              "url": "https://access.redhat.com/security/cve/CVE-2022-1115"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2022-1115",
    "datePublished": "2022-08-29T14:03:06",
    "dateReserved": "2022-03-28T00:00:00",
    "dateUpdated": "2024-08-02T23:55:23.492Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-3718
Vulnerability from cvelistv5
Published
2016-05-05 18:00
Modified
2024-08-06 00:03
Severity ?
Summary
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
References
http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLogx_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.htmlvendor-advisory, x_refsource_SUSE
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.htmlx_refsource_CONFIRM
https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.htmlvendor-advisory, x_refsource_SUSE
http://www.ubuntu.com/usn/USN-2990-1vendor-advisory, x_refsource_UBUNTU
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.htmlvendor-advisory, x_refsource_SUSE
http://www.securityfocus.com/archive/1/538378/100/0/threadedmailing-list, x_refsource_BUGTRAQ
https://www.exploit-db.com/exploits/39767/exploit, x_refsource_EXPLOIT-DB
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.htmlvendor-advisory, x_refsource_SUSE
https://lists.debian.org/debian-lts-announce/2018/06/msg00009.htmlmailing-list, x_refsource_MLIST
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.htmlx_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2016/05/03/18mailing-list, x_refsource_MLIST
https://security.gentoo.org/glsa/201611-21vendor-advisory, x_refsource_GENTOO
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.htmlvendor-advisory, x_refsource_SUSE
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568vendor-advisory, x_refsource_SLACKWARE
https://www.imagemagick.org/script/changelog.phpx_refsource_CONFIRM
http://www.debian.org/security/2016/dsa-3580vendor-advisory, x_refsource_DEBIAN
http://rhn.redhat.com/errata/RHSA-2016-0726.htmlvendor-advisory, x_refsource_REDHAT
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:03:34.460Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog"
          },
          {
            "name": "openSUSE-SU-2016:1266",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=29588"
          },
          {
            "name": "openSUSE-SU-2016:1326",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html"
          },
          {
            "name": "USN-2990-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2990-1"
          },
          {
            "name": "openSUSE-SU-2016:1261",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html"
          },
          {
            "name": "20160513 May 2016 - HipChat Server - Critical Security Advisory",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/538378/100/0/threaded"
          },
          {
            "name": "39767",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/39767/"
          },
          {
            "name": "SUSE-SU-2016:1260",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html"
          },
          {
            "name": "[debian-lts-announce] 20180627 [SECURITY] [DLA 1401-1] graphicsmagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
          },
          {
            "name": "[oss-security] 20160504 Re: ImageMagick Is On Fire -- CVE-2016-3714",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/05/03/18"
          },
          {
            "name": "GLSA-201611-21",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201611-21"
          },
          {
            "name": "SUSE-SU-2016:1275",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html"
          },
          {
            "name": "SSA:2016-132-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.440568"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.imagemagick.org/script/changelog.php"
          },
          {
            "name": "DSA-3580",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3580"
          },
          {
            "name": "RHSA-2016:0726",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-0726.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-05-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-09T18:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog"
        },
        {
          "name": "openSUSE-SU-2016:1266",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=29588"
        },
        {
          "name": "openSUSE-SU-2016:1326",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html"
        },
        {
          "name": "USN-2990-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2990-1"
        },
        {
          "name": "openSUSE-SU-2016:1261",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html"
        },
        {
          "name": "20160513 May 2016 - HipChat Server - Critical Security Advisory",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/538378/100/0/threaded"
        },
        {
          "name": "39767",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/39767/"
        },
        {
          "name": "SUSE-SU-2016:1260",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html"
        },
        {
          "name": "[debian-lts-announce] 20180627 [SECURITY] [DLA 1401-1] graphicsmagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
        },
        {
          "name": "[oss-security] 20160504 Re: ImageMagick Is On Fire -- CVE-2016-3714",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/05/03/18"
        },
        {
          "name": "GLSA-201611-21",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201611-21"
        },
        {
          "name": "SUSE-SU-2016:1275",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html"
        },
        {
          "name": "SSA:2016-132-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.440568"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.imagemagick.org/script/changelog.php"
        },
        {
          "name": "DSA-3580",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3580"
        },
        {
          "name": "RHSA-2016:0726",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-0726.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2016-3718",
    "datePublished": "2016-05-05T18:00:00",
    "dateReserved": "2016-03-30T00:00:00",
    "dateUpdated": "2024-08-06T00:03:34.460Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9810
Vulnerability from cvelistv5
Published
2017-03-30 15:00
Modified
2024-08-06 13:55
Severity ?
Summary
The dpx file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed dpx file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.611Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343466"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=68db5f601d4120170b91f5397e596c0b8f9d3a8e"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The dpx file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed dpx file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-30T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343466"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=68db5f601d4120170b91f5397e596c0b8f9d3a8e"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9810",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The dpx file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed dpx file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343466",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343466"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=68db5f601d4120170b91f5397e596c0b8f9d3a8e",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=68db5f601d4120170b91f5397e596c0b8f9d3a8e"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9810",
    "datePublished": "2017-03-30T15:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.611Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-16642
Vulnerability from cvelistv5
Published
2018-09-06 22:00
Modified
2024-08-05 10:32
Severity ?
Summary
The function InsertRow in coders/cut.c in ImageMagick 7.0.7-37 allows remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T10:32:52.962Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/cc4ac341f29fa368da6ef01c207deaf8c61f6a2e"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1162"
          },
          {
            "name": "[debian-lts-announce] 20181003 [SECURITY] [DLA 1530-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00002.html"
          },
          {
            "name": "DSA-4316",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4316"
          },
          {
            "name": "USN-3785-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3785-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-09-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The function InsertRow in coders/cut.c in ImageMagick 7.0.7-37 allows remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-14T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/cc4ac341f29fa368da6ef01c207deaf8c61f6a2e"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1162"
        },
        {
          "name": "[debian-lts-announce] 20181003 [SECURITY] [DLA 1530-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00002.html"
        },
        {
          "name": "DSA-4316",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4316"
        },
        {
          "name": "USN-3785-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3785-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-16642",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The function InsertRow in coders/cut.c in ImageMagick 7.0.7-37 allows remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/cc4ac341f29fa368da6ef01c207deaf8c61f6a2e",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/cc4ac341f29fa368da6ef01c207deaf8c61f6a2e"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1162",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1162"
            },
            {
              "name": "[debian-lts-announce] 20181003 [SECURITY] [DLA 1530-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00002.html"
            },
            {
              "name": "DSA-4316",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4316"
            },
            {
              "name": "USN-3785-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3785-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-16642",
    "datePublished": "2018-09-06T22:00:00",
    "dateReserved": "2018-09-06T00:00:00",
    "dateUpdated": "2024-08-05T10:32:52.962Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2006-3743
Vulnerability from cvelistv5
Published
2006-08-25 01:00
Modified
2024-08-07 18:39
Severity ?
Summary
Multiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbitrary code via crafted XCF images.
References
http://www.osvdb.org/28205vdb-entry, x_refsource_OSVDB
http://secunia.com/advisories/21679third-party-advisory, x_refsource_SECUNIA
http://bugs.gentoo.org/show_bug.cgi?id=144854x_refsource_MISC
http://www.ubuntu.com/usn/usn-340-1vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/21780third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/21671third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/21832third-party-advisory, x_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2006_50_imagemagick.htmlvendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/21615third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2006/dsa-1168vendor-advisory, x_refsource_DEBIAN
https://issues.rpath.com/browse/RPL-605x_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9895vdb-entry, signature, x_refsource_OVAL
http://www.mandriva.com/security/advisories?name=MDKSA-2006:155vendor-advisory, x_refsource_MANDRIVA
http://security.gentoo.org/glsa/glsa-200609-14.xmlvendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/21719third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/22096third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/21621third-party-advisory, x_refsource_SECUNIA
ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.ascvendor-advisory, x_refsource_SGI
http://www.vupen.com/english/advisories/2006/3375vdb-entry, x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2006-0633.htmlvendor-advisory, x_refsource_REDHAT
https://exchange.xforce.ibmcloud.com/vulnerabilities/28575vdb-entry, x_refsource_XF
http://securitytracker.com/id?1016749vdb-entry, x_refsource_SECTRACK
http://www.securityfocus.com/bid/19697vdb-entry, x_refsource_BID
http://secunia.com/advisories/22036third-party-advisory, x_refsource_SECUNIA
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:39:54.064Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "28205",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/28205"
          },
          {
            "name": "21679",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21679"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=144854"
          },
          {
            "name": "USN-340-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-340-1"
          },
          {
            "name": "21780",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21780"
          },
          {
            "name": "21671",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21671"
          },
          {
            "name": "21832",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21832"
          },
          {
            "name": "SUSE-SA:2006:050",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2006_50_imagemagick.html"
          },
          {
            "name": "21615",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21615"
          },
          {
            "name": "DSA-1168",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1168"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-605"
          },
          {
            "name": "oval:org.mitre.oval:def:9895",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9895"
          },
          {
            "name": "MDKSA-2006:155",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:155"
          },
          {
            "name": "GLSA-200609-14",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200609-14.xml"
          },
          {
            "name": "21719",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21719"
          },
          {
            "name": "22096",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22096"
          },
          {
            "name": "21621",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21621"
          },
          {
            "name": "20060901-01-P",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc"
          },
          {
            "name": "ADV-2006-3375",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/3375"
          },
          {
            "name": "RHSA-2006:0633",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0633.html"
          },
          {
            "name": "imagemagick-propuserunit-bo(28575)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28575"
          },
          {
            "name": "1016749",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016749"
          },
          {
            "name": "19697",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/19697"
          },
          {
            "name": "22036",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22036"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-08-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbitrary code via crafted XCF images."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "28205",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/28205"
        },
        {
          "name": "21679",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21679"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=144854"
        },
        {
          "name": "USN-340-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-340-1"
        },
        {
          "name": "21780",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21780"
        },
        {
          "name": "21671",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21671"
        },
        {
          "name": "21832",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21832"
        },
        {
          "name": "SUSE-SA:2006:050",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2006_50_imagemagick.html"
        },
        {
          "name": "21615",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21615"
        },
        {
          "name": "DSA-1168",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1168"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-605"
        },
        {
          "name": "oval:org.mitre.oval:def:9895",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9895"
        },
        {
          "name": "MDKSA-2006:155",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:155"
        },
        {
          "name": "GLSA-200609-14",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200609-14.xml"
        },
        {
          "name": "21719",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21719"
        },
        {
          "name": "22096",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22096"
        },
        {
          "name": "21621",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21621"
        },
        {
          "name": "20060901-01-P",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc"
        },
        {
          "name": "ADV-2006-3375",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/3375"
        },
        {
          "name": "RHSA-2006:0633",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0633.html"
        },
        {
          "name": "imagemagick-propuserunit-bo(28575)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28575"
        },
        {
          "name": "1016749",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016749"
        },
        {
          "name": "19697",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/19697"
        },
        {
          "name": "22036",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22036"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2006-3743",
    "datePublished": "2006-08-25T01:00:00",
    "dateReserved": "2006-07-20T00:00:00",
    "dateUpdated": "2024-08-07T18:39:54.064Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12693
Vulnerability from cvelistv5
Published
2017-09-01 21:00
Modified
2024-08-05 18:43
Severity ?
Summary
The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted BMP file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:56.539Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/652"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted BMP file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:27",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/652"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12693",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted BMP file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/652",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/652"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12693",
    "datePublished": "2017-09-01T21:00:00",
    "dateReserved": "2017-08-08T00:00:00",
    "dateUpdated": "2024-08-05T18:43:56.539Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-18271
Vulnerability from cvelistv5
Published
2018-05-18 19:00
Modified
2024-08-05 21:13
Severity ?
Summary
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:13:49.294Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[debian-lts-announce] 20180523 [SECURITY] [DLA 1381-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00012.html"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/911"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-05-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:09",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[debian-lts-announce] 20180523 [SECURITY] [DLA 1381-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00012.html"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/911"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-18271",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[debian-lts-announce] 20180523 [SECURITY] [DLA 1381-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00012.html"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/911",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/911"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-18271",
    "datePublished": "2018-05-18T19:00:00",
    "dateReserved": "2018-05-18T00:00:00",
    "dateUpdated": "2024-08-05T21:13:49.294Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-8343
Vulnerability from cvelistv5
Published
2017-04-30 17:00
Modified
2024-08-05 16:34
Severity ?
Summary
In ImageMagick 7.0.5-5, the ReadAAIImage function in aai.c allows attackers to cause a denial of service (memory leak) via a crafted file.
References
http://www.securityfocus.com/bid/98132vdb-entry, x_refsource_BID
http://www.debian.org/security/2017/dsa-3863vendor-advisory, x_refsource_DEBIAN
https://github.com/ImageMagick/ImageMagick/issues/444x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:34:22.565Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "98132",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98132"
          },
          {
            "name": "DSA-3863",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3863"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/444"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-04-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-5, the ReadAAIImage function in aai.c allows attackers to cause a denial of service (memory leak) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "98132",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98132"
        },
        {
          "name": "DSA-3863",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3863"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/444"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-8343",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-5, the ReadAAIImage function in aai.c allows attackers to cause a denial of service (memory leak) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "98132",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98132"
            },
            {
              "name": "DSA-3863",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3863"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/444",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/444"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-8343",
    "datePublished": "2017-04-30T17:00:00",
    "dateReserved": "2017-04-30T00:00:00",
    "dateUpdated": "2024-08-05T16:34:22.565Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10047
Vulnerability from cvelistv5
Published
2017-03-23 17:00
Modified
2024-08-06 03:07
Severity ?
Summary
Memory leak in the NewXMLTree function in magick/xml-tree.c in ImageMagick before 6.9.4-7 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:07:31.995Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "95182",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95182"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410449"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/fc6080f1321fd21e86ef916195cc110b05d9effb"
          },
          {
            "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory leak in the NewXMLTree function in magick/xml-tree.c in ImageMagick before 6.9.4-7 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-23T16:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "95182",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95182"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410449"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/fc6080f1321fd21e86ef916195cc110b05d9effb"
        },
        {
          "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10047",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Memory leak in the NewXMLTree function in magick/xml-tree.c in ImageMagick before 6.9.4-7 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "95182",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95182"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410449",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410449"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/fc6080f1321fd21e86ef916195cc110b05d9effb",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/fc6080f1321fd21e86ef916195cc110b05d9effb"
            },
            {
              "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10047",
    "datePublished": "2017-03-23T17:00:00",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-08-06T03:07:31.995Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14224
Vulnerability from cvelistv5
Published
2017-09-09 01:00
Modified
2024-08-05 19:20
Severity ?
Summary
A heap-based buffer overflow in WritePCXImage in coders/pcx.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service or code execution via a crafted file.
References
https://www.debian.org/security/2017/dsa-4040vendor-advisory, x_refsource_DEBIAN
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://security.gentoo.org/glsa/201711-07vendor-advisory, x_refsource_GENTOO
https://www.debian.org/security/2017/dsa-4032vendor-advisory, x_refsource_DEBIAN
http://www.securityfocus.com/bid/100702vdb-entry, x_refsource_BID
https://github.com/ImageMagick/ImageMagick/issues/733x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:20:41.268Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-4040",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4040"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "name": "DSA-4032",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4032"
          },
          {
            "name": "100702",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100702"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/733"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A heap-based buffer overflow in WritePCXImage in coders/pcx.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service or code execution via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-4040",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4040"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "name": "DSA-4032",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4032"
        },
        {
          "name": "100702",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100702"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/733"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14224",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A heap-based buffer overflow in WritePCXImage in coders/pcx.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service or code execution via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-4040",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4040"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "DSA-4032",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4032"
            },
            {
              "name": "100702",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100702"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/733",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/733"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14224",
    "datePublished": "2017-09-09T01:00:00",
    "dateReserved": "2017-09-08T00:00:00",
    "dateUpdated": "2024-08-05T19:20:41.268Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27761
Vulnerability from cvelistv5
Published
2020-12-03 00:00
Modified
2024-08-04 16:18
Severity ?
Summary
WritePALMImage() in /coders/palm.c used size_t casts in several areas of a calculation which could lead to values outside the range of representable type `unsigned long` undefined behavior when a crafted input file was processed by ImageMagick. The patch casts to `ssize_t` instead to avoid this issue. Red Hat Product Security marked the Severity as Low because although it could potentially lead to an impact to application availability, no specific impact was shown in this case. This flaw affects ImageMagick versions prior to ImageMagick 7.0.9-0.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.669Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894679"
          },
          {
            "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 7.0.9-0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "WritePALMImage() in /coders/palm.c used size_t casts in several areas of a calculation which could lead to values outside the range of representable type `unsigned long` undefined behavior when a crafted input file was processed by ImageMagick. The patch casts to `ssize_t` instead to avoid this issue. Red Hat Product Security marked the Severity as Low because although it could potentially lead to an impact to application availability, no specific impact was shown in this case. This flaw affects ImageMagick versions prior to ImageMagick 7.0.9-0."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894679"
        },
        {
          "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27761",
    "datePublished": "2020-12-03T00:00:00",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.669Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9835
Vulnerability from cvelistv5
Published
2017-03-22 14:00
Modified
2024-08-06 13:55
Severity ?
Summary
Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file.
References
http://www.openwall.com/lists/oss-security/2016/06/02/13mailing-list, x_refsource_MLIST
http://www.openwall.com/lists/oss-security/2014/12/24/1mailing-list, x_refsource_MLIST
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.580Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-22T11:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9835",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9835",
    "datePublished": "2017-03-22T14:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.580Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12674
Vulnerability from cvelistv5
Published
2017-08-07 21:00
Modified
2024-08-05 18:43
Severity ?
Summary
In ImageMagick 7.0.6-2, a CPU exhaustion vulnerability was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:56.468Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/604"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-2, a CPU exhaustion vulnerability was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:18",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/604"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12674",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-2, a CPU exhaustion vulnerability was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/604",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/604"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12674",
    "datePublished": "2017-08-07T21:00:00",
    "dateReserved": "2017-08-07T00:00:00",
    "dateUpdated": "2024-08-05T18:43:56.468Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11533
Vulnerability from cvelistv5
Published
2017-07-23 03:00
Modified
2024-08-05 18:12
Severity ?
Summary
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteUILImage() function in coders/uil.c.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/562x_refsource_CONFIRM
https://www.debian.org/security/2017/dsa-4019vendor-advisory, x_refsource_DEBIAN
https://www.debian.org/security/2018/dsa-4204vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:40.322Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/562"
          },
          {
            "name": "DSA-4019",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4019"
          },
          {
            "name": "DSA-4204",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4204"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteUILImage() function in coders/uil.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/562"
        },
        {
          "name": "DSA-4019",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4019"
        },
        {
          "name": "DSA-4204",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4204"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11533",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteUILImage() function in coders/uil.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/562",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/562"
            },
            {
              "name": "DSA-4019",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4019"
            },
            {
              "name": "DSA-4204",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4204"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11533",
    "datePublished": "2017-07-23T03:00:00",
    "dateReserved": "2017-07-22T00:00:00",
    "dateUpdated": "2024-08-05T18:12:40.322Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11530
Vulnerability from cvelistv5
Published
2017-07-23 03:00
Modified
2024-08-05 18:12
Severity ?
Summary
The ReadEPTImage function in coders/ept.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:40.346Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867821"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/524"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadEPTImage function in coders/ept.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-23T02:57:06",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867821"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/524"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11530",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadEPTImage function in coders/ept.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867821",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867821"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/524",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/524"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11530",
    "datePublished": "2017-07-23T03:00:00",
    "dateReserved": "2017-07-22T00:00:00",
    "dateUpdated": "2024-08-05T18:12:40.346Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-1275
Vulnerability from cvelistv5
Published
2005-04-26 04:00
Modified
2024-08-07 21:44
Severity ?
Summary
Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a PNM file with a small colors value.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:44:05.737Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MDKSA-2005:107",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:107"
          },
          {
            "name": "oval:org.mitre.oval:def:10003",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10003"
          },
          {
            "name": "13351",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/13351"
          },
          {
            "name": "20050424 [Overflow.pl] ImageMagick ReadPNMImage() Heap Overflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://seclists.org/lists/bugtraq/2005/Apr/0407.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.overflow.pl/adv/imheapoverflow.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/script/changelog.php"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=90423"
          },
          {
            "name": "oval:org.mitre.oval:def:711",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A711"
          },
          {
            "name": "RHSA-2005:413",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-413.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-04-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a PNM file with a small colors value."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "MDKSA-2005:107",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:107"
        },
        {
          "name": "oval:org.mitre.oval:def:10003",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10003"
        },
        {
          "name": "13351",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/13351"
        },
        {
          "name": "20050424 [Overflow.pl] ImageMagick ReadPNMImage() Heap Overflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://seclists.org/lists/bugtraq/2005/Apr/0407.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.overflow.pl/adv/imheapoverflow.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.imagemagick.org/script/changelog.php"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=90423"
        },
        {
          "name": "oval:org.mitre.oval:def:711",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A711"
        },
        {
          "name": "RHSA-2005:413",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-413.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-1275",
    "datePublished": "2005-04-26T04:00:00",
    "dateReserved": "2005-04-26T00:00:00",
    "dateUpdated": "2024-08-07T21:44:05.737Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9852
Vulnerability from cvelistv5
Published
2017-03-17 14:00
Modified
2024-08-06 13:55
Severity ?
Summary
distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.789Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "openSUSE-SU-2016:1833",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343512"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "openSUSE-SU-2016:1748",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
          },
          {
            "name": "SUSE-SU-2016:1784",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=37ec7d53dcb99fbd1f5c33442594d5e279630563"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-17T13:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "openSUSE-SU-2016:1833",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343512"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "openSUSE-SU-2016:1748",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
        },
        {
          "name": "SUSE-SU-2016:1784",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=37ec7d53dcb99fbd1f5c33442594d5e279630563"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9852",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "openSUSE-SU-2016:1833",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343512",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343512"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "openSUSE-SU-2016:1748",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
            },
            {
              "name": "SUSE-SU-2016:1784",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=37ec7d53dcb99fbd1f5c33442594d5e279630563",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=37ec7d53dcb99fbd1f5c33442594d5e279630563"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9852",
    "datePublished": "2017-03-17T14:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.789Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10054
Vulnerability from cvelistv5
Published
2017-03-23 17:00
Modified
2024-08-06 03:07
Severity ?
Summary
Buffer overflow in the WriteMAPImage function in coders/map.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:07:32.088Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1"
          },
          {
            "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
          },
          {
            "name": "95191",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95191"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410462"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/eedd0c35bb2d8af7aa05f215689fdebd11633fa1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the WriteMAPImage function in coders/map.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-14T21:00:31",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1"
        },
        {
          "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
        },
        {
          "name": "95191",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95191"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410462"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/eedd0c35bb2d8af7aa05f215689fdebd11633fa1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10054",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the WriteMAPImage function in coders/map.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1"
            },
            {
              "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
            },
            {
              "name": "95191",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95191"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410462",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410462"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/eedd0c35bb2d8af7aa05f215689fdebd11633fa1",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/eedd0c35bb2d8af7aa05f215689fdebd11633fa1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10054",
    "datePublished": "2017-03-23T17:00:00",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-08-06T03:07:32.088Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-6520
Vulnerability from cvelistv5
Published
2016-12-13 15:00
Modified
2024-08-06 01:29
Severity ?
Summary
Buffer overflow in MagickCore/enhance.c in ImageMagick before 7.0.2-7 allows remote attackers to have unspecified impact via vectors related to pixel cache morphology.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:29:20.166Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1036502",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036502"
          },
          {
            "name": "[oss-security] 20160802 CVE Request ImageMagick buffer overflow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/08/02/6"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/script/changelog.php"
          },
          {
            "name": "[oss-security] 20160802 Re: CVE Request ImageMagick buffer overflow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/08/02/10"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/76401e172ea3a55182be2b8e2aca4d07270f6da6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-08-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in MagickCore/enhance.c in ImageMagick before 7.0.2-7 allows remote attackers to have unspecified impact via vectors related to pixel cache morphology."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-13T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1036502",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036502"
        },
        {
          "name": "[oss-security] 20160802 CVE Request ImageMagick buffer overflow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/08/02/6"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.imagemagick.org/script/changelog.php"
        },
        {
          "name": "[oss-security] 20160802 Re: CVE Request ImageMagick buffer overflow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/08/02/10"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/76401e172ea3a55182be2b8e2aca4d07270f6da6"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-6520",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in MagickCore/enhance.c in ImageMagick before 7.0.2-7 allows remote attackers to have unspecified impact via vectors related to pixel cache morphology."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1036502",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036502"
            },
            {
              "name": "[oss-security] 20160802 CVE Request ImageMagick buffer overflow",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/08/02/6"
            },
            {
              "name": "http://www.imagemagick.org/script/changelog.php",
              "refsource": "CONFIRM",
              "url": "http://www.imagemagick.org/script/changelog.php"
            },
            {
              "name": "[oss-security] 20160802 Re: CVE Request ImageMagick buffer overflow",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/08/02/10"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/76401e172ea3a55182be2b8e2aca4d07270f6da6",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/76401e172ea3a55182be2b8e2aca4d07270f6da6"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-6520",
    "datePublished": "2016-12-13T15:00:00",
    "dateReserved": "2016-08-02T00:00:00",
    "dateUpdated": "2024-08-06T01:29:20.166Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-9501
Vulnerability from cvelistv5
Published
2017-06-07 14:00
Modified
2024-08-05 17:11
Severity ?
Summary
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:11:01.588Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "98943",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98943"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/01843366d6a7b96e22ad7bb67f3df7d9fd4d5d74"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/491"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-06-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-06-09T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "98943",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98943"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/01843366d6a7b96e22ad7bb67f3df7d9fd4d5d74"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/491"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-9501",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "98943",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98943"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/01843366d6a7b96e22ad7bb67f3df7d9fd4d5d74",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/01843366d6a7b96e22ad7bb67f3df7d9fd4d5d74"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/491",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/491"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-9501",
    "datePublished": "2017-06-07T14:00:00",
    "dateReserved": "2017-06-07T00:00:00",
    "dateUpdated": "2024-08-05T17:11:01.588Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27766
Vulnerability from cvelistv5
Published
2020-12-04 00:00
Modified
2024-08-04 16:18
Severity ?
Summary
A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned long`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.8-69.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.737Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894686"
          },
          {
            "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 7.0.8-69"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned long`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.8-69."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894686"
        },
        {
          "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27766",
    "datePublished": "2020-12-04T00:00:00",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.737Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-18028
Vulnerability from cvelistv5
Published
2018-01-12 20:00
Modified
2024-08-05 21:06
Severity ?
Summary
In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/736x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:50.208Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/736"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-01-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/736"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-18028",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/736",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/736"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-18028",
    "datePublished": "2018-01-12T20:00:00",
    "dateReserved": "2018-01-12T00:00:00",
    "dateUpdated": "2024-08-05T21:06:50.208Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10048
Vulnerability from cvelistv5
Published
2017-03-23 17:00
Modified
2024-08-06 03:07
Severity ?
Summary
Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified vectors.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:07:32.132Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410451"
          },
          {
            "name": "openSUSE-SU-2017:0391",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/fc6080f1321fd21e86ef916195cc110b05d9effb"
          },
          {
            "name": "openSUSE-SU-2017:0399",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html"
          },
          {
            "name": "95186",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95186"
          },
          {
            "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-23T16:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410451"
        },
        {
          "name": "openSUSE-SU-2017:0391",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/fc6080f1321fd21e86ef916195cc110b05d9effb"
        },
        {
          "name": "openSUSE-SU-2017:0399",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html"
        },
        {
          "name": "95186",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95186"
        },
        {
          "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10048",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410451",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410451"
            },
            {
              "name": "openSUSE-SU-2017:0391",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/fc6080f1321fd21e86ef916195cc110b05d9effb",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/fc6080f1321fd21e86ef916195cc110b05d9effb"
            },
            {
              "name": "openSUSE-SU-2017:0399",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html"
            },
            {
              "name": "95186",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95186"
            },
            {
              "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10048",
    "datePublished": "2017-03-23T17:00:00",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-08-06T03:07:32.132Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-0759
Vulnerability from cvelistv5
Published
2005-03-26 05:00
Modified
2024-08-07 21:28
Severity ?
Summary
ImageMagick before 6.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image with an invalid tag.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:28:27.132Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1013550",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1013550"
          },
          {
            "name": "12875",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12875"
          },
          {
            "name": "SUSE-SA:2005:017",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html"
          },
          {
            "name": "oval:org.mitre.oval:def:11022",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11022"
          },
          {
            "name": "RHSA-2005:070",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2005-070.html"
          },
          {
            "name": "DSA-702",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-702"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-03-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick before 6.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image with an invalid tag."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "1013550",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1013550"
        },
        {
          "name": "12875",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12875"
        },
        {
          "name": "SUSE-SA:2005:017",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html"
        },
        {
          "name": "oval:org.mitre.oval:def:11022",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11022"
        },
        {
          "name": "RHSA-2005:070",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2005-070.html"
        },
        {
          "name": "DSA-702",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-702"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-0759",
    "datePublished": "2005-03-26T05:00:00",
    "dateReserved": "2005-03-17T00:00:00",
    "dateUpdated": "2024-08-07T21:28:27.132Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-7619
Vulnerability from cvelistv5
Published
2017-04-10 14:00
Modified
2024-08-05 16:12
Severity ?
Summary
In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms. This affects ModulateHSL, ModulateHCL, ModulateHCLp, ModulateHSB, ModulateHSI, ModulateHSV, ModulateHWB, ModulateLCHab, and ModulateLCHuv.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:12:27.160Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=31506"
          },
          {
            "name": "DSA-3863",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3863"
          },
          {
            "name": "98689",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98689"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-04-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms. This affects ModulateHSL, ModulateHCL, ModulateHCLp, ModulateHSB, ModulateHSI, ModulateHSV, ModulateHWB, ModulateLCHab, and ModulateLCHuv."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=31506"
        },
        {
          "name": "DSA-3863",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3863"
        },
        {
          "name": "98689",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98689"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-7619",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms. This affects ModulateHSL, ModulateHCL, ModulateHCLp, ModulateHSB, ModulateHSI, ModulateHSV, ModulateHWB, ModulateLCHab, and ModulateLCHuv."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=31506",
              "refsource": "CONFIRM",
              "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=31506"
            },
            {
              "name": "DSA-3863",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3863"
            },
            {
              "name": "98689",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98689"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-7619",
    "datePublished": "2017-04-10T14:00:00",
    "dateReserved": "2017-04-10T00:00:00",
    "dateUpdated": "2024-08-05T16:12:27.160Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-17547
Vulnerability from cvelistv5
Published
2019-10-14 01:07
Modified
2024-08-05 01:40
Severity ?
Summary
In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:40:15.825Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/ecf7c6b288e11e7e7f75387c5e9e93e423b98397"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16537"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-51...7.0.8-62"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-14T01:07:25",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/ecf7c6b288e11e7e7f75387c5e9e93e423b98397"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16537"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-51...7.0.8-62"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-17547",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/ecf7c6b288e11e7e7f75387c5e9e93e423b98397",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/ecf7c6b288e11e7e7f75387c5e9e93e423b98397"
            },
            {
              "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16537",
              "refsource": "MISC",
              "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16537"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-51...7.0.8-62",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-51...7.0.8-62"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-17547",
    "datePublished": "2019-10-14T01:07:25",
    "dateReserved": "2019-10-14T00:00:00",
    "dateUpdated": "2024-08-05T01:40:15.825Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27776
Vulnerability from cvelistv5
Published
2020-12-04 00:00
Modified
2024-08-04 16:25
Severity ?
Summary
A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:25:42.919Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898304"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 7.0.9-0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898304"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27776",
    "datePublished": "2020-12-04T00:00:00",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:25:42.919Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-8765
Vulnerability from cvelistv5
Published
2017-05-04 03:55
Modified
2024-08-05 16:48
Severity ?
Summary
The function named ReadICONImage in coders\icon.c in ImageMagick 7.0.5-5 has a memory leak vulnerability which can cause memory exhaustion via a crafted ICON file.
References
http://www.securityfocus.com/bid/98688vdb-entry, x_refsource_BID
https://github.com/ImageMagick/ImageMagick/issues/466x_refsource_CONFIRM
http://www.debian.org/security/2017/dsa-3863vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:48:21.859Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "98688",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98688"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/466"
          },
          {
            "name": "DSA-3863",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3863"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-05-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The function named ReadICONImage in coders\\icon.c in ImageMagick 7.0.5-5 has a memory leak vulnerability which can cause memory exhaustion via a crafted ICON file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "98688",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98688"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/466"
        },
        {
          "name": "DSA-3863",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3863"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-8765",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The function named ReadICONImage in coders\\icon.c in ImageMagick 7.0.5-5 has a memory leak vulnerability which can cause memory exhaustion via a crafted ICON file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "98688",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98688"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/466",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/466"
            },
            {
              "name": "DSA-3863",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3863"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-8765",
    "datePublished": "2017-05-04T03:55:00",
    "dateReserved": "2017-05-03T00:00:00",
    "dateUpdated": "2024-08-05T16:48:21.859Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-13309
Vulnerability from cvelistv5
Published
2019-07-05 00:53
Modified
2024-08-04 23:49
Severity ?
Summary
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:49:24.582Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1616"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-01T11:06:13",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1616"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13309",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1616",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1616"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13309",
    "datePublished": "2019-07-05T00:53:50",
    "dateReserved": "2019-07-04T00:00:00",
    "dateUpdated": "2024-08-04T23:49:24.582Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-2157
Vulnerability from cvelistv5
Published
2023-06-06 00:00
Modified
2024-08-02 06:12
Severity ?
Summary
A heap-based buffer overflow vulnerability was found in the ImageMagick package that can lead to the application crashing.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T06:12:20.517Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208537"
          },
          {
            "name": "FEDORA-2023-27548af422",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 7.1.1-9"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A heap-based buffer overflow vulnerability was found in the ImageMagick package that can lead to the application crashing."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-24T02:06:25.384196",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208537"
        },
        {
          "name": "FEDORA-2023-27548af422",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-2157",
    "datePublished": "2023-06-06T00:00:00",
    "dateReserved": "2023-04-18T00:00:00",
    "dateUpdated": "2024-08-02T06:12:20.517Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14175
Vulnerability from cvelistv5
Published
2017-09-07 06:00
Modified
2024-08-05 19:20
Severity ?
Summary
In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is provided, the loop over the rows would consume huge CPU resources, since there is no EOF check inside the loop.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:20:40.989Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/712"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/d9a8234d211da30baf9526fbebe9a8438ea7e11c"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is provided, the loop over the rows would consume huge CPU resources, since there is no EOF check inside the loop."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-07T19:07:36",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/712"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/d9a8234d211da30baf9526fbebe9a8438ea7e11c"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14175",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is provided, the loop over the rows would consume huge CPU resources, since there is no EOF check inside the loop."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/712",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/712"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/d9a8234d211da30baf9526fbebe9a8438ea7e11c",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/d9a8234d211da30baf9526fbebe9a8438ea7e11c"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14175",
    "datePublished": "2017-09-07T06:00:00",
    "dateReserved": "2017-09-07T00:00:00",
    "dateUpdated": "2024-08-05T19:20:40.989Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7514
Vulnerability from cvelistv5
Published
2017-04-20 18:00
Modified
2024-08-06 01:57
Severity ?
Summary
The ReadPSDChannelPixels function in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:57:47.690Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378739"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/e14fd0a2801f73bdc123baf4fbab97dec55919eb"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533442"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/280215b9936d145dd5ee91403738ccce1333cab1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/83"
          },
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/198fffab4daf8aea88badd9c629350e5b26ec32f"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/6f1879d498bcc5cce12fe0c5decb8dbc0f608e5d"
          },
          {
            "name": "93122",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93122"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadPSDChannelPixels function in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-20T17:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378739"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/e14fd0a2801f73bdc123baf4fbab97dec55919eb"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533442"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/280215b9936d145dd5ee91403738ccce1333cab1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/83"
        },
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/198fffab4daf8aea88badd9c629350e5b26ec32f"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/6f1879d498bcc5cce12fe0c5decb8dbc0f608e5d"
        },
        {
          "name": "93122",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93122"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-7514",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadPSDChannelPixels function in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378739",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378739"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/e14fd0a2801f73bdc123baf4fbab97dec55919eb",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/e14fd0a2801f73bdc123baf4fbab97dec55919eb"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533442",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533442"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/280215b9936d145dd5ee91403738ccce1333cab1",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/280215b9936d145dd5ee91403738ccce1333cab1"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/83",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/83"
            },
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/198fffab4daf8aea88badd9c629350e5b26ec32f",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/198fffab4daf8aea88badd9c629350e5b26ec32f"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/6f1879d498bcc5cce12fe0c5decb8dbc0f608e5d",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/6f1879d498bcc5cce12fe0c5decb8dbc0f608e5d"
            },
            {
              "name": "93122",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93122"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-7514",
    "datePublished": "2017-04-20T18:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T01:57:47.690Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9807
Vulnerability from cvelistv5
Published
2017-03-30 15:00
Modified
2024-08-06 13:55
Severity ?
Summary
The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via unspecified vectors.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.586Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343463"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=be644895456764f2c2670f297d9d9860ff0bdd75"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-30T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343463"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=be644895456764f2c2670f297d9d9860ff0bdd75"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9807",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343463",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343463"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=be644895456764f2c2670f297d9d9860ff0bdd75",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=be644895456764f2c2670f297d9d9860ff0bdd75"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9807",
    "datePublished": "2017-03-30T15:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.586Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-8345
Vulnerability from cvelistv5
Published
2017-04-30 17:00
Modified
2024-08-05 16:34
Severity ?
Summary
In ImageMagick 7.0.5-5, the ReadMNGImage function in png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
References
https://github.com/ImageMagick/ImageMagick/issues/442x_refsource_CONFIRM
http://www.securityfocus.com/bid/98138vdb-entry, x_refsource_BID
http://www.debian.org/security/2017/dsa-3863vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:34:22.182Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/442"
          },
          {
            "name": "98138",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98138"
          },
          {
            "name": "DSA-3863",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3863"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-04-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-5, the ReadMNGImage function in png.c allows attackers to cause a denial of service (memory leak) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/442"
        },
        {
          "name": "98138",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98138"
        },
        {
          "name": "DSA-3863",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3863"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-8345",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-5, the ReadMNGImage function in png.c allows attackers to cause a denial of service (memory leak) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/442",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/442"
            },
            {
              "name": "98138",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98138"
            },
            {
              "name": "DSA-3863",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3863"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-8345",
    "datePublished": "2017-04-30T17:00:00",
    "dateReserved": "2017-04-30T00:00:00",
    "dateUpdated": "2024-08-05T16:34:22.182Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-20243
Vulnerability from cvelistv5
Published
2021-03-09 00:00
Modified
2024-08-03 17:37
Severity ?
Summary
A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:37:23.175Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928958"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/pull/3193"
          },
          {
            "name": "[debian-lts-announce] 20210603 [SECURITY] [DLA 2672-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html"
          },
          {
            "name": "[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 7.0.10-62"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-369",
              "description": "CWE-369",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-22T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928958"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick/pull/3193"
        },
        {
          "name": "[debian-lts-announce] 20210603 [SECURITY] [DLA 2672-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html"
        },
        {
          "name": "[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2021-20243",
    "datePublished": "2021-03-09T00:00:00",
    "dateReserved": "2020-12-17T00:00:00",
    "dateUpdated": "2024-08-03T17:37:23.175Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-40211
Vulnerability from cvelistv5
Published
2023-08-22 00:00
Modified
2024-10-03 18:11
Severity ?
Summary
An issue was discovered with ImageMagick 7.1.0-4 via Division by zero in function ReadEnhMetaFile of coders/emf.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:27:31.838Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/4097"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-40211",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-03T18:10:55.555082Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-03T18:11:20.813Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered with ImageMagick 7.1.0-4 via Division by zero in function ReadEnhMetaFile of coders/emf.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-22T15:45:53.726669",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/ImageMagick/ImageMagick/issues/4097"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-40211",
    "datePublished": "2023-08-22T00:00:00",
    "dateReserved": "2021-08-30T00:00:00",
    "dateUpdated": "2024-10-03T18:11:20.813Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11446
Vulnerability from cvelistv5
Published
2017-07-19 07:00
Modified
2024-08-05 18:12
Severity ?
Summary
The ReadPESImage function in coders\pes.c in ImageMagick 7.0.6-1 has an infinite loop vulnerability that can cause CPU exhaustion via a crafted PES file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:39.935Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "99964",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99964"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/537"
          },
          {
            "name": "DSA-4019",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4019"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadPESImage function in coders\\pes.c in ImageMagick 7.0.6-1 has an infinite loop vulnerability that can cause CPU exhaustion via a crafted PES file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-14T12:06:08",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "99964",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99964"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/537"
        },
        {
          "name": "DSA-4019",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4019"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11446",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadPESImage function in coders\\pes.c in ImageMagick 7.0.6-1 has an infinite loop vulnerability that can cause CPU exhaustion via a crafted PES file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "99964",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99964"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/537",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/537"
            },
            {
              "name": "DSA-4019",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4019"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11446",
    "datePublished": "2017-07-19T07:00:00",
    "dateReserved": "2017-07-19T00:00:00",
    "dateUpdated": "2024-08-05T18:12:39.935Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9826
Vulnerability from cvelistv5
Published
2017-03-30 15:00
Modified
2024-08-06 13:55
Severity ?
Summary
ImageMagick allows remote attackers to have unspecified impact via vectors related to error handling in sun files.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.524Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343482"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=69490f5cffbda612e15a2985699455bb0b45e276"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick allows remote attackers to have unspecified impact via vectors related to error handling in sun files."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-30T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343482"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=69490f5cffbda612e15a2985699455bb0b45e276"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9826",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick allows remote attackers to have unspecified impact via vectors related to error handling in sun files."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343482",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343482"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=69490f5cffbda612e15a2985699455bb0b45e276",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=69490f5cffbda612e15a2985699455bb0b45e276"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9826",
    "datePublished": "2017-03-30T15:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.524Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9819
Vulnerability from cvelistv5
Published
2017-03-30 15:00
Modified
2024-08-06 13:55
Severity ?
Summary
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9823.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.551Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=0a89a1ccca6e7ee059b73f5cc924513383e8a330"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343475"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9823."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-30T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=0a89a1ccca6e7ee059b73f5cc924513383e8a330"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343475"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9819",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9823."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=0a89a1ccca6e7ee059b73f5cc924513383e8a330",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=0a89a1ccca6e7ee059b73f5cc924513383e8a330"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343475",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343475"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9819",
    "datePublished": "2017-03-30T15:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.551Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9805
Vulnerability from cvelistv5
Published
2017-03-30 15:00
Modified
2024-08-06 13:55
Severity ?
Summary
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.373Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343460"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-30T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343460"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9805",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343460",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343460"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9805",
    "datePublished": "2017-03-30T15:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.373Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7522
Vulnerability from cvelistv5
Published
2017-04-19 14:00
Modified
2024-08-06 01:57
Severity ?
Summary
The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:57:47.655Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378751"
          },
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/93"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/4b1b9c0522628887195bad3a6723f7000b0c9a58"
          },
          {
            "name": "93131",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93131"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537419"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-20T09:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378751"
        },
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/93"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/4b1b9c0522628887195bad3a6723f7000b0c9a58"
        },
        {
          "name": "93131",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93131"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537419"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-7522",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378751",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378751"
            },
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/93",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/93"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/4b1b9c0522628887195bad3a6723f7000b0c9a58",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/4b1b9c0522628887195bad3a6723f7000b0c9a58"
            },
            {
              "name": "93131",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93131"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537419",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537419"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-7522",
    "datePublished": "2017-04-19T14:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T01:57:47.655Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12672
Vulnerability from cvelistv5
Published
2017-08-07 21:00
Modified
2024-08-05 18:43
Severity ?
Summary
In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:56.406Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "100224",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100224"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/617"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-10T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "100224",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100224"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/617"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12672",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "100224",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100224"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/617",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/617"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12672",
    "datePublished": "2017-08-07T21:00:00",
    "dateReserved": "2017-08-07T00:00:00",
    "dateUpdated": "2024-08-05T18:43:56.406Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9844
Vulnerability from cvelistv5
Published
2017-03-20 16:00
Modified
2024-08-06 13:55
Severity ?
Summary
The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.555Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343502"
          },
          {
            "name": "openSUSE-SU-2016:1833",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
          },
          {
            "name": "openSUSE-SU-2016:1724",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html"
          },
          {
            "name": "SUSE-SU-2016:1782",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "openSUSE-SU-2016:1748",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
          },
          {
            "name": "SUSE-SU-2016:1784",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
          },
          {
            "name": "SUSE-SU-2016:1783",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=36ed9419a68cb1356b1843b48cc12788179cdaee"
          },
          {
            "name": "USN-3131-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3131-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-20T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343502"
        },
        {
          "name": "openSUSE-SU-2016:1833",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
        },
        {
          "name": "openSUSE-SU-2016:1724",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html"
        },
        {
          "name": "SUSE-SU-2016:1782",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "openSUSE-SU-2016:1748",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
        },
        {
          "name": "SUSE-SU-2016:1784",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
        },
        {
          "name": "SUSE-SU-2016:1783",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=36ed9419a68cb1356b1843b48cc12788179cdaee"
        },
        {
          "name": "USN-3131-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3131-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9844",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343502",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343502"
            },
            {
              "name": "openSUSE-SU-2016:1833",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
            },
            {
              "name": "openSUSE-SU-2016:1724",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html"
            },
            {
              "name": "SUSE-SU-2016:1782",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "openSUSE-SU-2016:1748",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
            },
            {
              "name": "SUSE-SU-2016:1784",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
            },
            {
              "name": "SUSE-SU-2016:1783",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=36ed9419a68cb1356b1843b48cc12788179cdaee",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=36ed9419a68cb1356b1843b48cc12788179cdaee"
            },
            {
              "name": "USN-3131-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3131-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9844",
    "datePublished": "2017-03-20T16:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.555Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7537
Vulnerability from cvelistv5
Published
2017-04-19 14:00
Modified
2024-08-06 02:04
Severity ?
Summary
MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:04:54.750Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/424d40ebfcde48bb872eba75179d3d73704fdf1f"
          },
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378773"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1553366"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/143"
          },
          {
            "name": "93131",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93131"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/6d202a0514fb6a406456b8b728cde776becb25f8"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-03-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-13T12:50:24",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/424d40ebfcde48bb872eba75179d3d73704fdf1f"
        },
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378773"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1553366"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/143"
        },
        {
          "name": "93131",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93131"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/6d202a0514fb6a406456b8b728cde776becb25f8"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-7537",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/424d40ebfcde48bb872eba75179d3d73704fdf1f",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/424d40ebfcde48bb872eba75179d3d73704fdf1f"
            },
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378773",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378773"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1553366",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1553366"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/143",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/143"
            },
            {
              "name": "93131",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93131"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/6d202a0514fb6a406456b8b728cde776becb25f8",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/6d202a0514fb6a406456b8b728cde776becb25f8"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-7537",
    "datePublished": "2017-04-19T14:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T02:04:54.750Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7536
Vulnerability from cvelistv5
Published
2017-04-20 18:00
Modified
2024-08-06 02:04
Severity ?
Summary
magick/profile.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted profile.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:04:54.746Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/130"
          },
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378772"
          },
          {
            "name": "93225",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93225"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545367"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/478cce544fdf1de882d78381768458f397964453"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/02dadf116124cfba35d7ebd9ced3e5ad0be0f176"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-02-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "magick/profile.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted profile."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-13T12:52:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/130"
        },
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378772"
        },
        {
          "name": "93225",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93225"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545367"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/478cce544fdf1de882d78381768458f397964453"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/02dadf116124cfba35d7ebd9ced3e5ad0be0f176"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-7536",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "magick/profile.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted profile."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/130",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/130"
            },
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378772",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378772"
            },
            {
              "name": "93225",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93225"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545367",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545367"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/478cce544fdf1de882d78381768458f397964453",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/478cce544fdf1de882d78381768458f397964453"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/02dadf116124cfba35d7ebd9ced3e5ad0be0f176",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/02dadf116124cfba35d7ebd9ced3e5ad0be0f176"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-7536",
    "datePublished": "2017-04-20T18:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T02:04:54.746Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12805
Vulnerability from cvelistv5
Published
2019-05-09 15:29
Modified
2024-08-05 18:51
Severity ?
Summary
In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function ReadTIFFImage, which allows attackers to cause a denial of service.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:51:06.132Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/664"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          },
          {
            "name": "FEDORA-2019-da4c20882c",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/"
          },
          {
            "name": "FEDORA-2019-425a1aa7c9",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/"
          },
          {
            "name": "openSUSE-SU-2019:1683",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html"
          },
          {
            "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function ReadTIFFImage, which allows attackers to cause a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-19T01:06:14",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/664"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        },
        {
          "name": "FEDORA-2019-da4c20882c",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/"
        },
        {
          "name": "FEDORA-2019-425a1aa7c9",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/"
        },
        {
          "name": "openSUSE-SU-2019:1683",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html"
        },
        {
          "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12805",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function ReadTIFFImage, which allows attackers to cause a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/664",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/664"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            },
            {
              "name": "FEDORA-2019-da4c20882c",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/"
            },
            {
              "name": "FEDORA-2019-425a1aa7c9",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/"
            },
            {
              "name": "openSUSE-SU-2019:1683",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html"
            },
            {
              "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12805",
    "datePublished": "2019-05-09T15:29:45",
    "dateReserved": "2017-08-11T00:00:00",
    "dateUpdated": "2024-08-05T18:51:06.132Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-32547
Vulnerability from cvelistv5
Published
2022-06-16 00:00
Modified
2024-08-03 07:46
Severity ?
Summary
In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T07:46:43.328Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091813"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/eac8ce4d873f28bb6a46aa3a662fb196b49b95d0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/dc070da861a015d3c97488fdcca6063b44d47a7b"
          },
          {
            "name": "[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in ImageMagick 6.9.12-45, ImageMagick 7.1.0-30"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick, there is load of misaligned address for type \u0027double\u0027, which requires 8 byte alignment and for type \u0027float\u0027, which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "NA",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-22T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091813"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick/commit/eac8ce4d873f28bb6a46aa3a662fb196b49b95d0"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/dc070da861a015d3c97488fdcca6063b44d47a7b"
        },
        {
          "name": "[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2022-32547",
    "datePublished": "2022-06-16T00:00:00",
    "dateReserved": "2022-06-08T00:00:00",
    "dateUpdated": "2024-08-03T07:46:43.328Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-3962
Vulnerability from cvelistv5
Published
2021-11-19 16:11
Modified
2024-08-03 17:09
Severity ?
Summary
A flaw was found in ImageMagick where it did not properly sanitize certain input before using it to invoke convert processes. This flaw allows an attacker to create a specially crafted image that leads to a use-after-free vulnerability when processed by ImageMagick. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:09:09.683Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2023196"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/82775af03bbb10a0a1d0e15c0156c75673b4525e"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/4446"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "7.1.0-14"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in ImageMagick where it did not properly sanitize certain input before using it to invoke convert processes. This flaw allows an attacker to create a specially crafted image that leads to a use-after-free vulnerability when processed by ImageMagick. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-23T18:10:56",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2023196"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/82775af03bbb10a0a1d0e15c0156c75673b4525e"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/4446"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2021-3962",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ImageMagick",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.1.0-14"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A flaw was found in ImageMagick where it did not properly sanitize certain input before using it to invoke convert processes. This flaw allows an attacker to create a specially crafted image that leads to a use-after-free vulnerability when processed by ImageMagick. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-416"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2023196",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2023196"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/82775af03bbb10a0a1d0e15c0156c75673b4525e",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/82775af03bbb10a0a1d0e15c0156c75673b4525e"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/4446",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/4446"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2021-3962",
    "datePublished": "2021-11-19T16:11:30",
    "dateReserved": "2021-11-16T00:00:00",
    "dateUpdated": "2024-08-03T17:09:09.683Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2006-5868
Vulnerability from cvelistv5
Published
2006-11-22 01:00
Modified
2024-08-07 20:04
Severity ?
Summary
Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image.
References
http://secunia.com/advisories/23101third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10612vdb-entry, signature, x_refsource_OVAL
http://www.securityfocus.com/bid/21185vdb-entry, x_refsource_BID
http://secunia.com/advisories/24284third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/23219third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:223vendor-advisory, x_refsource_MANDRIVA
http://www.redhat.com/support/errata/RHSA-2007-0015.htmlvendor-advisory, x_refsource_REDHAT
http://www.ubuntu.com/usn/usn-386-1vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/22998third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/24186third-party-advisory, x_refsource_SECUNIA
ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.ascvendor-advisory, x_refsource_SGI
http://www.debian.org/security/2006/dsa-1213vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:04:55.601Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "23101",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23101"
          },
          {
            "name": "oval:org.mitre.oval:def:10612",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10612"
          },
          {
            "name": "21185",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/21185"
          },
          {
            "name": "24284",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24284"
          },
          {
            "name": "23219",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23219"
          },
          {
            "name": "MDKSA-2006:223",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:223"
          },
          {
            "name": "RHSA-2007:0015",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0015.html"
          },
          {
            "name": "USN-386-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-386-1"
          },
          {
            "name": "22998",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22998"
          },
          {
            "name": "24186",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24186"
          },
          {
            "name": "20070201-01-P",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc"
          },
          {
            "name": "DSA-1213",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1213"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-11-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "23101",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23101"
        },
        {
          "name": "oval:org.mitre.oval:def:10612",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10612"
        },
        {
          "name": "21185",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/21185"
        },
        {
          "name": "24284",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24284"
        },
        {
          "name": "23219",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23219"
        },
        {
          "name": "MDKSA-2006:223",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:223"
        },
        {
          "name": "RHSA-2007:0015",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0015.html"
        },
        {
          "name": "USN-386-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-386-1"
        },
        {
          "name": "22998",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22998"
        },
        {
          "name": "24186",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24186"
        },
        {
          "name": "20070201-01-P",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc"
        },
        {
          "name": "DSA-1213",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1213"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-5868",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "23101",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23101"
            },
            {
              "name": "oval:org.mitre.oval:def:10612",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10612"
            },
            {
              "name": "21185",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/21185"
            },
            {
              "name": "24284",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24284"
            },
            {
              "name": "23219",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23219"
            },
            {
              "name": "MDKSA-2006:223",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:223"
            },
            {
              "name": "RHSA-2007:0015",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0015.html"
            },
            {
              "name": "USN-386-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-386-1"
            },
            {
              "name": "22998",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22998"
            },
            {
              "name": "24186",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24186"
            },
            {
              "name": "20070201-01-P",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc"
            },
            {
              "name": "DSA-1213",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1213"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-5868",
    "datePublished": "2006-11-22T01:00:00",
    "dateReserved": "2006-11-14T00:00:00",
    "dateUpdated": "2024-08-07T20:04:55.601Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-15032
Vulnerability from cvelistv5
Published
2017-10-05 07:00
Modified
2024-08-05 19:42
Severity ?
Summary
ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:42:22.319Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/241988ca28139ad970c1d9717c419f41e360ddb0"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-10-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/241988ca28139ad970c1d9717c419f41e360ddb0"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-15032",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/241988ca28139ad970c1d9717c419f41e360ddb0",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/241988ca28139ad970c1d9717c419f41e360ddb0"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-15032",
    "datePublished": "2017-10-05T07:00:00",
    "dateReserved": "2017-10-05T00:00:00",
    "dateUpdated": "2024-08-05T19:42:22.319Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-4985
Vulnerability from cvelistv5
Published
2007-09-24 22:00
Modified
2024-08-07 15:17
Severity ?
Summary
ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers (1) an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or (2) an infinite loop in the ReadXCFImage function, related to ReadBlobMSBLong function calls.
References
http://secunia.com/advisories/27364third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/29857third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2008-0145.htmlvendor-advisory, x_refsource_REDHAT
http://www.securityfocus.com/archive/1/483572/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://www.ubuntu.com/usn/usn-523-1vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/27309third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/29786third-party-advisory, x_refsource_SECUNIA
http://www.imagemagick.org/script/changelog.phpx_refsource_CONFIRM
http://www.vupen.com/english/advisories/2007/3245vdb-entry, x_refsource_VUPEN
http://security.gentoo.org/glsa/glsa-200710-27.xmlvendor-advisory, x_refsource_GENTOO
http://www.securitytracker.com/id?1018729vdb-entry, x_refsource_SECTRACK
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10869vdb-entry, signature, x_refsource_OVAL
https://exchange.xforce.ibmcloud.com/vulnerabilities/36740vdb-entry, x_refsource_XF
http://secunia.com/advisories/27048third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2008-0165.htmlvendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/28721third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27439third-party-advisory, x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-1743x_refsource_CONFIRM
http://www.debian.org/security/2009/dsa-1858vendor-advisory, x_refsource_DEBIAN
http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.htmlmailing-list, x_refsource_MLIST
http://secunia.com/advisories/26926third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035vendor-advisory, x_refsource_MANDRIVA
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=596third-party-advisory, x_refsource_IDEFENSE
http://www.securityfocus.com/bid/25764vdb-entry, x_refsource_BID
http://bugs.gentoo.org/show_bug.cgi?id=186030x_refsource_CONFIRM
http://www.novell.com/linux/security/advisories/2007_23_sr.htmlvendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/36260third-party-advisory, x_refsource_SECUNIA
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:17:28.182Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "27364",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27364"
          },
          {
            "name": "29857",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29857"
          },
          {
            "name": "RHSA-2008:0145",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0145.html"
          },
          {
            "name": "20071112 FLEA-2007-0066-1 ImageMagick",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/483572/100/0/threaded"
          },
          {
            "name": "USN-523-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-523-1"
          },
          {
            "name": "27309",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27309"
          },
          {
            "name": "29786",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29786"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/script/changelog.php"
          },
          {
            "name": "ADV-2007-3245",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3245"
          },
          {
            "name": "GLSA-200710-27",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200710-27.xml"
          },
          {
            "name": "1018729",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018729"
          },
          {
            "name": "oval:org.mitre.oval:def:10869",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10869"
          },
          {
            "name": "imagemagick-readdcmimage-readxcfimage-dos(36740)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36740"
          },
          {
            "name": "27048",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27048"
          },
          {
            "name": "RHSA-2008:0165",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0165.html"
          },
          {
            "name": "28721",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28721"
          },
          {
            "name": "27439",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27439"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1743"
          },
          {
            "name": "DSA-1858",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1858"
          },
          {
            "name": "[Magick-announce] 20070917 ImageMagick 6.3.5-9, important security updates",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html"
          },
          {
            "name": "26926",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26926"
          },
          {
            "name": "MDVSA-2008:035",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035"
          },
          {
            "name": "20070919 Multiple Vendor ImageMagick Multiple Denial of Service Vulnerabilities",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=596"
          },
          {
            "name": "25764",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/25764"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=186030"
          },
          {
            "name": "SUSE-SR:2007:023",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_23_sr.html"
          },
          {
            "name": "36260",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36260"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-09-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers (1) an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or (2) an infinite loop in the ReadXCFImage function, related to ReadBlobMSBLong function calls."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "27364",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27364"
        },
        {
          "name": "29857",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29857"
        },
        {
          "name": "RHSA-2008:0145",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0145.html"
        },
        {
          "name": "20071112 FLEA-2007-0066-1 ImageMagick",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/483572/100/0/threaded"
        },
        {
          "name": "USN-523-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-523-1"
        },
        {
          "name": "27309",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27309"
        },
        {
          "name": "29786",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29786"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.imagemagick.org/script/changelog.php"
        },
        {
          "name": "ADV-2007-3245",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3245"
        },
        {
          "name": "GLSA-200710-27",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200710-27.xml"
        },
        {
          "name": "1018729",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018729"
        },
        {
          "name": "oval:org.mitre.oval:def:10869",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10869"
        },
        {
          "name": "imagemagick-readdcmimage-readxcfimage-dos(36740)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36740"
        },
        {
          "name": "27048",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27048"
        },
        {
          "name": "RHSA-2008:0165",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0165.html"
        },
        {
          "name": "28721",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28721"
        },
        {
          "name": "27439",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27439"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1743"
        },
        {
          "name": "DSA-1858",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1858"
        },
        {
          "name": "[Magick-announce] 20070917 ImageMagick 6.3.5-9, important security updates",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html"
        },
        {
          "name": "26926",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26926"
        },
        {
          "name": "MDVSA-2008:035",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035"
        },
        {
          "name": "20070919 Multiple Vendor ImageMagick Multiple Denial of Service Vulnerabilities",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=596"
        },
        {
          "name": "25764",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/25764"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=186030"
        },
        {
          "name": "SUSE-SR:2007:023",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_23_sr.html"
        },
        {
          "name": "36260",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36260"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-4985",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers (1) an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or (2) an infinite loop in the ReadXCFImage function, related to ReadBlobMSBLong function calls."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "27364",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27364"
            },
            {
              "name": "29857",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29857"
            },
            {
              "name": "RHSA-2008:0145",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0145.html"
            },
            {
              "name": "20071112 FLEA-2007-0066-1 ImageMagick",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/483572/100/0/threaded"
            },
            {
              "name": "USN-523-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-523-1"
            },
            {
              "name": "27309",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27309"
            },
            {
              "name": "29786",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29786"
            },
            {
              "name": "http://www.imagemagick.org/script/changelog.php",
              "refsource": "CONFIRM",
              "url": "http://www.imagemagick.org/script/changelog.php"
            },
            {
              "name": "ADV-2007-3245",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3245"
            },
            {
              "name": "GLSA-200710-27",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200710-27.xml"
            },
            {
              "name": "1018729",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018729"
            },
            {
              "name": "oval:org.mitre.oval:def:10869",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10869"
            },
            {
              "name": "imagemagick-readdcmimage-readxcfimage-dos(36740)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36740"
            },
            {
              "name": "27048",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27048"
            },
            {
              "name": "RHSA-2008:0165",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0165.html"
            },
            {
              "name": "28721",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28721"
            },
            {
              "name": "27439",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27439"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1743",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1743"
            },
            {
              "name": "DSA-1858",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1858"
            },
            {
              "name": "[Magick-announce] 20070917 ImageMagick 6.3.5-9, important security updates",
              "refsource": "MLIST",
              "url": "http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html"
            },
            {
              "name": "26926",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26926"
            },
            {
              "name": "MDVSA-2008:035",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035"
            },
            {
              "name": "20070919 Multiple Vendor ImageMagick Multiple Denial of Service Vulnerabilities",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=596"
            },
            {
              "name": "25764",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/25764"
            },
            {
              "name": "http://bugs.gentoo.org/show_bug.cgi?id=186030",
              "refsource": "CONFIRM",
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=186030"
            },
            {
              "name": "SUSE-SR:2007:023",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_23_sr.html"
            },
            {
              "name": "36260",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36260"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-4985",
    "datePublished": "2007-09-24T22:00:00",
    "dateReserved": "2007-09-19T00:00:00",
    "dateUpdated": "2024-08-07T15:17:28.182Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7101
Vulnerability from cvelistv5
Published
2017-01-18 17:00
Modified
2024-08-06 01:50
Severity ?
Summary
The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:50:47.342Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "93181",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93181"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/7afcf9f71043df15508e46f079387bd4689a738d"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836776"
          },
          {
            "name": "[oss-security] 20160926 CVE-2016-7101 - ImageMagick SGI Coder Out-Of-Bounds Read Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/26/8"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/8f8959033e4e59418d6506b345829af1f7a71127"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-08-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-01-19T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "93181",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93181"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/7afcf9f71043df15508e46f079387bd4689a738d"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836776"
        },
        {
          "name": "[oss-security] 20160926 CVE-2016-7101 - ImageMagick SGI Coder Out-Of-Bounds Read Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/26/8"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/8f8959033e4e59418d6506b345829af1f7a71127"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-7101",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "93181",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93181"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/7afcf9f71043df15508e46f079387bd4689a738d",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/7afcf9f71043df15508e46f079387bd4689a738d"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836776",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836776"
            },
            {
              "name": "[oss-security] 20160926 CVE-2016-7101 - ImageMagick SGI Coder Out-Of-Bounds Read Vulnerability",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/26/8"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/8f8959033e4e59418d6506b345829af1f7a71127",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/8f8959033e4e59418d6506b345829af1f7a71127"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-7101",
    "datePublished": "2017-01-18T17:00:00",
    "dateReserved": "2016-08-27T00:00:00",
    "dateUpdated": "2024-08-06T01:50:47.342Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7531
Vulnerability from cvelistv5
Published
2017-04-19 14:00
Modified
2024-08-06 02:04
Severity ?
Summary
MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PDB file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:04:54.915Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1542112"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378763"
          },
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/107"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539061"
          },
          {
            "name": "93131",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93131"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PDB file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-20T09:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1542112"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378763"
        },
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/107"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539061"
        },
        {
          "name": "93131",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93131"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-7531",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PDB file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1542112",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1542112"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378763",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378763"
            },
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/107",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/107"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539061",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539061"
            },
            {
              "name": "93131",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93131"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-7531",
    "datePublished": "2017-04-19T14:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T02:04:54.915Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-25666
Vulnerability from cvelistv5
Published
2020-12-08 00:00
Modified
2024-08-04 15:40
Severity ?
Summary
There are 4 places in HistogramCompare() in MagickCore/histogram.c where an integer overflow is possible during simple math calculations. This occurs in the rgb values and `count` value for a color. The patch uses casts to `ssize_t` type for these calculations, instead of `int`. This flaw could impact application reliability in the event that ImageMagick processes a crafted input file. This flaw affects ImageMagick versions prior to 7.0.9-0.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:40:36.313Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891612"
          },
          {
            "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "prior to 7.0.9-0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "There are 4 places in HistogramCompare() in MagickCore/histogram.c where an integer overflow is possible during simple math calculations. This occurs in the rgb values and `count` value for a color. The patch uses casts to `ssize_t` type for these calculations, instead of `int`. This flaw could impact application reliability in the event that ImageMagick processes a crafted input file. This flaw affects ImageMagick versions prior to 7.0.9-0."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891612"
        },
        {
          "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-25666",
    "datePublished": "2020-12-08T00:00:00",
    "dateReserved": "2020-09-16T00:00:00",
    "dateUpdated": "2024-08-04T15:40:36.313Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-44267
Vulnerability from cvelistv5
Published
2023-02-06 00:00
Modified
2024-08-03 13:47
Severity ?
Summary
ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for stdin input.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T13:47:05.599Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://imagemagick.org/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.metabaseq.com/imagemagick-zero-days/"
          },
          {
            "name": "DSA-5347",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5347"
          },
          {
            "name": "FEDORA-2023-6537113d6d",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZZLLS37P67CMBRML6OCG42GPCKGRCJNV/"
          },
          {
            "name": "FEDORA-2023-93389b8a9e",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AINSUL2QBKETGYRPA7XSCMJWLUB44M6S/"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for stdin input."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://imagemagick.org/"
        },
        {
          "url": "https://www.metabaseq.com/imagemagick-zero-days/"
        },
        {
          "name": "DSA-5347",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5347"
        },
        {
          "name": "FEDORA-2023-6537113d6d",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZZLLS37P67CMBRML6OCG42GPCKGRCJNV/"
        },
        {
          "name": "FEDORA-2023-93389b8a9e",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AINSUL2QBKETGYRPA7XSCMJWLUB44M6S/"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-44267",
    "datePublished": "2023-02-06T00:00:00",
    "dateReserved": "2022-10-30T00:00:00",
    "dateUpdated": "2024-08-03T13:47:05.599Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11538
Vulnerability from cvelistv5
Published
2017-07-23 03:00
Modified
2024-08-05 18:12
Severity ?
Summary
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteOnePNGImage() function in coders/png.c.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:40.349Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/569"
          },
          {
            "name": "100003",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100003"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteOnePNGImage() function in coders/png.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-29T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/569"
        },
        {
          "name": "100003",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100003"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11538",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteOnePNGImage() function in coders/png.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/569",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/569"
            },
            {
              "name": "100003",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100003"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11538",
    "datePublished": "2017-07-23T03:00:00",
    "dateReserved": "2017-07-22T00:00:00",
    "dateUpdated": "2024-08-05T18:12:40.349Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-19952
Vulnerability from cvelistv5
Published
2019-12-24 00:06
Modified
2024-08-05 02:32
Severity ?
Summary
In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGImage.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:32:10.251Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1791"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGImage."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-12-24T00:06:41",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1791"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-19952",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGImage."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1791",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1791"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-19952",
    "datePublished": "2019-12-24T00:06:41",
    "dateReserved": "2019-12-24T00:00:00",
    "dateUpdated": "2024-08-05T02:32:10.251Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-17540
Vulnerability from cvelistv5
Published
2019-10-14 01:09
Modified
2024-08-05 01:40
Severity ?
Summary
ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:40:15.987Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-53...7.0.8-54"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942578"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/CVE-2019-17540"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/compare/master%40%7B2019-07-15%7D...master%40%7B2019-07-17%7D"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-24T12:35:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-53...7.0.8-54"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942578"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security-tracker.debian.org/tracker/CVE-2019-17540"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/compare/master%40%7B2019-07-15%7D...master%40%7B2019-07-17%7D"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-17540",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-53...7.0.8-54",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-53...7.0.8-54"
            },
            {
              "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826",
              "refsource": "MISC",
              "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942578",
              "refsource": "MISC",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942578"
            },
            {
              "name": "https://security-tracker.debian.org/tracker/CVE-2019-17540",
              "refsource": "MISC",
              "url": "https://security-tracker.debian.org/tracker/CVE-2019-17540"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/compare/master@%7B2019-07-15%7D...master@%7B2019-07-17%7D",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/compare/master@%7B2019-07-15%7D...master@%7B2019-07-17%7D"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-17540",
    "datePublished": "2019-10-14T01:09:28",
    "dateReserved": "2019-10-14T00:00:00",
    "dateUpdated": "2024-08-05T01:40:15.987Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14138
Vulnerability from cvelistv5
Published
2017-09-04 23:00
Modified
2024-08-05 19:20
Severity ?
Summary
ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors.
References
https://security.gentoo.org/glsa/201711-07vendor-advisory, x_refsource_GENTOO
https://github.com/ImageMagick/ImageMagick/issues/639x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:20:39.896Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/639"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-12T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/639"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14138",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/639",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/639"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14138",
    "datePublished": "2017-09-04T23:00:00",
    "dateReserved": "2017-09-04T00:00:00",
    "dateUpdated": "2024-08-05T19:20:39.896Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-13310
Vulnerability from cvelistv5
Published
2019-07-05 00:53
Modified
2024-08-04 23:49
Severity ?
Summary
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:49:24.395Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1616"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-11-14T17:07:12",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1616"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13310",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1616",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1616"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13310",
    "datePublished": "2019-07-05T00:53:57",
    "dateReserved": "2019-07-04T00:00:00",
    "dateUpdated": "2024-08-04T23:49:24.395Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7517
Vulnerability from cvelistv5
Published
2017-04-20 18:00
Modified
2024-08-06 01:57
Severity ?
Summary
The EncodeImage function in coders/pict.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PICT file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:57:47.658Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533449"
          },
          {
            "name": "93128",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93128"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378744"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/80"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The EncodeImage function in coders/pict.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PICT file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-20T17:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533449"
        },
        {
          "name": "93128",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93128"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378744"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/80"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-7517",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The EncodeImage function in coders/pict.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PICT file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533449",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533449"
            },
            {
              "name": "93128",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93128"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378744",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378744"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/80",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/80"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-7517",
    "datePublished": "2017-04-20T18:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T01:57:47.658Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12662
Vulnerability from cvelistv5
Published
2017-08-07 21:00
Modified
2024-08-05 18:43
Severity ?
Summary
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePDFImage in coders/pdf.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:56.437Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/576"
          },
          {
            "name": "100232",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100232"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/bd40cc5f53067322861b881485cbd70f509f3829"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePDFImage in coders/pdf.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-08T17:02:14",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/576"
        },
        {
          "name": "100232",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100232"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/bd40cc5f53067322861b881485cbd70f509f3829"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12662",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePDFImage in coders/pdf.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/576",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/576"
            },
            {
              "name": "100232",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100232"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/bd40cc5f53067322861b881485cbd70f509f3829",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/bd40cc5f53067322861b881485cbd70f509f3829"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12662",
    "datePublished": "2017-08-07T21:00:00",
    "dateReserved": "2017-08-07T00:00:00",
    "dateUpdated": "2024-08-05T18:43:56.437Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-39978
Vulnerability from cvelistv5
Published
2023-08-08 00:00
Modified
2024-08-02 18:18
Severity ?
Summary
ImageMagick before 6.9.12-91 allows attackers to cause a denial of service (memory consumption) in Magick::Draw.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T18:18:10.177Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/rmagick/rmagick/pull/1406/files"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/c90e79b3b22fec309cab55af2ee606f71b027b12"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/compare/6.9.12-90...6.9.12-91"
          },
          {
            "name": "FEDORA-2023-edbdccae2a",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick before 6.9.12-91 allows attackers to cause a denial of service (memory consumption) in Magick::Draw."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-31T02:07:23.141980",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/rmagick/rmagick/pull/1406/files"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/c90e79b3b22fec309cab55af2ee606f71b027b12"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick6/compare/6.9.12-90...6.9.12-91"
        },
        {
          "name": "FEDORA-2023-edbdccae2a",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-39978",
    "datePublished": "2023-08-08T00:00:00",
    "dateReserved": "2023-08-08T00:00:00",
    "dateUpdated": "2024-08-02T18:18:10.177Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-12976
Vulnerability from cvelistv5
Published
2019-06-26 17:08
Modified
2024-08-04 23:41
Severity ?
Summary
ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c.
References
https://github.com/ImageMagick/ImageMagick/issues/1520x_refsource_MISC
http://www.securityfocus.com/bid/108913vdb-entry, x_refsource_BID
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.htmlvendor-advisory, x_refsource_SUSE
https://usn.ubuntu.com/4192-1/vendor-advisory, x_refsource_UBUNTU
https://www.debian.org/security/2020/dsa-4712vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:41:09.223Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1520"
          },
          {
            "name": "108913",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108913"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-01T11:06:23",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1520"
        },
        {
          "name": "108913",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108913"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-12976",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1520",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1520"
            },
            {
              "name": "108913",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108913"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-12976",
    "datePublished": "2019-06-26T17:08:56",
    "dateReserved": "2019-06-26T00:00:00",
    "dateUpdated": "2024-08-04T23:41:09.223Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-6405
Vulnerability from cvelistv5
Published
2018-01-30 21:00
Modified
2024-08-05 06:01
Severity ?
Summary
In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/964x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:01:49.240Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/964"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-01-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/964"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-6405",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/964",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/964"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-6405",
    "datePublished": "2018-01-30T21:00:00",
    "dateReserved": "2018-01-30T00:00:00",
    "dateUpdated": "2024-08-05T06:01:49.240Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-16645
Vulnerability from cvelistv5
Published
2018-09-06 22:00
Modified
2024-08-05 10:32
Severity ?
Summary
There is an excessive memory allocation issue in the functions ReadBMPImage of coders/bmp.c and ReadDIBImage of coders/dib.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T10:32:53.777Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/ecb31dbad39ccdc65868d5d2a37f0f0521250832"
          },
          {
            "name": "[debian-lts-announce] 20181003 [SECURITY] [DLA 1530-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00002.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1268"
          },
          {
            "name": "DSA-4316",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4316"
          },
          {
            "name": "USN-3785-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3785-1/"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-09-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "There is an excessive memory allocation issue in the functions ReadBMPImage of coders/bmp.c and ReadDIBImage of coders/dib.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-06-25T14:06:14",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/ecb31dbad39ccdc65868d5d2a37f0f0521250832"
        },
        {
          "name": "[debian-lts-announce] 20181003 [SECURITY] [DLA 1530-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00002.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1268"
        },
        {
          "name": "DSA-4316",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4316"
        },
        {
          "name": "USN-3785-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3785-1/"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-16645",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "There is an excessive memory allocation issue in the functions ReadBMPImage of coders/bmp.c and ReadDIBImage of coders/dib.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/ecb31dbad39ccdc65868d5d2a37f0f0521250832",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/ecb31dbad39ccdc65868d5d2a37f0f0521250832"
            },
            {
              "name": "[debian-lts-announce] 20181003 [SECURITY] [DLA 1530-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00002.html"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1268",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1268"
            },
            {
              "name": "DSA-4316",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4316"
            },
            {
              "name": "USN-3785-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3785-1/"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-16645",
    "datePublished": "2018-09-06T22:00:00",
    "dateReserved": "2018-09-06T00:00:00",
    "dateUpdated": "2024-08-05T10:32:53.777Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12673
Vulnerability from cvelistv5
Published
2017-08-07 21:00
Modified
2024-08-05 18:43
Severity ?
Summary
In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:56.462Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "100228",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100228"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/619"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-10T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "100228",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100228"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/619"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12673",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "100228",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100228"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/619",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/619"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12673",
    "datePublished": "2017-08-07T21:00:00",
    "dateReserved": "2017-08-07T00:00:00",
    "dateUpdated": "2024-08-05T18:43:56.462Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-12977
Vulnerability from cvelistv5
Published
2019-06-26 17:09
Modified
2024-08-04 23:41
Severity ?
Summary
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the WriteJP2Image function in coders/jp2.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:41:10.371Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1518"
          },
          {
            "name": "108913",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108913"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          },
          {
            "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the WriteJP2Image function in coders/jp2.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-19T01:06:19",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1518"
        },
        {
          "name": "108913",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108913"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        },
        {
          "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-12977",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the WriteJP2Image function in coders/jp2.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1518",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1518"
            },
            {
              "name": "108913",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108913"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            },
            {
              "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-12977",
    "datePublished": "2019-06-26T17:09:05",
    "dateReserved": "2019-06-26T00:00:00",
    "dateUpdated": "2024-08-04T23:41:10.371Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27560
Vulnerability from cvelistv5
Published
2020-10-22 00:00
Modified
2024-08-04 16:18
Severity ?
Summary
ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which may cause a denial of service.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.298Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/ef59bd764f88d893f1219fee8ba696a5d3f8c1c4"
          },
          {
            "name": "openSUSE-SU-2020:1884",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00037.html"
          },
          {
            "name": "[debian-lts-announce] 20210112 [SECURITY] [DLA 2523-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which may cause a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/ImageMagick/ImageMagick/commit/ef59bd764f88d893f1219fee8ba696a5d3f8c1c4"
        },
        {
          "name": "openSUSE-SU-2020:1884",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00037.html"
        },
        {
          "name": "[debian-lts-announce] 20210112 [SECURITY] [DLA 2523-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-27560",
    "datePublished": "2020-10-22T00:00:00",
    "dateReserved": "2020-10-21T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.298Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-5239
Vulnerability from cvelistv5
Published
2017-03-15 19:00
Modified
2024-08-06 00:53
Severity ?
Summary
The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and GraphicsMagick allows remote attackers to execute arbitrary commands via unspecified vectors.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:53:48.910Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://git.imagemagick.org/repos/ImageMagick/commit/70a2cf326ed32bedee144b961005c63846541a16"
          },
          {
            "name": "RHSA-2016:1237",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2016:1237"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
          },
          {
            "name": "91018",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91018"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[debian-lts-announce] 20180803 [SECURITY] [DLA 1456-1] graphicsmagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and GraphicsMagick allows remote attackers to execute arbitrary commands via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-08-03T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://git.imagemagick.org/repos/ImageMagick/commit/70a2cf326ed32bedee144b961005c63846541a16"
        },
        {
          "name": "RHSA-2016:1237",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2016:1237"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
        },
        {
          "name": "91018",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/91018"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[debian-lts-announce] 20180803 [SECURITY] [DLA 1456-1] graphicsmagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-5239",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and GraphicsMagick allows remote attackers to execute arbitrary commands via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://git.imagemagick.org/repos/ImageMagick/commit/70a2cf326ed32bedee144b961005c63846541a16",
              "refsource": "MISC",
              "url": "http://git.imagemagick.org/repos/ImageMagick/commit/70a2cf326ed32bedee144b961005c63846541a16"
            },
            {
              "name": "RHSA-2016:1237",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2016:1237"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
            },
            {
              "name": "91018",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/91018"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[debian-lts-announce] 20180803 [SECURITY] [DLA 1456-1] graphicsmagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-5239",
    "datePublished": "2017-03-15T19:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T00:53:48.910Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9814
Vulnerability from cvelistv5
Published
2017-03-30 15:00
Modified
2024-08-06 13:55
Severity ?
Summary
ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted wpg file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.537Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=fcced2ba626109d23186282d326427a0fc85fec0"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343470"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted wpg file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-30T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=fcced2ba626109d23186282d326427a0fc85fec0"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343470"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9814",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted wpg file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=fcced2ba626109d23186282d326427a0fc85fec0",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=fcced2ba626109d23186282d326427a0fc85fec0"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343470",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343470"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9814",
    "datePublished": "2017-03-30T15:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.537Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-18008
Vulnerability from cvelistv5
Published
2018-01-01 08:00
Modified
2024-08-05 21:06
Severity ?
Summary
In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in coders/pwp.c.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/921x_refsource_CONFIRM
http://www.securityfocus.com/bid/102346vdb-entry, x_refsource_BID
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.968Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/921"
          },
          {
            "name": "102346",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102346"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-01-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in coders/pwp.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/921"
        },
        {
          "name": "102346",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102346"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-18008",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in coders/pwp.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/921",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/921"
            },
            {
              "name": "102346",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102346"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-18008",
    "datePublished": "2018-01-01T08:00:00",
    "dateReserved": "2018-01-01T00:00:00",
    "dateUpdated": "2024-08-05T21:06:49.968Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12983
Vulnerability from cvelistv5
Published
2017-08-21 07:00
Modified
2024-08-05 18:51
Severity ?
Summary
Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.
References
https://www.debian.org/security/2017/dsa-4040vendor-advisory, x_refsource_DEBIAN
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://security.gentoo.org/glsa/201711-07vendor-advisory, x_refsource_GENTOO
https://www.debian.org/security/2017/dsa-4032vendor-advisory, x_refsource_DEBIAN
https://github.com/ImageMagick/ImageMagick/issues/682x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:51:07.384Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-4040",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4040"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "name": "DSA-4032",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4032"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/682"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-4040",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4040"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "name": "DSA-4032",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4032"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/682"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12983",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-4040",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4040"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "DSA-4032",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4032"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/682",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/682"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12983",
    "datePublished": "2017-08-21T07:00:00",
    "dateReserved": "2017-08-21T00:00:00",
    "dateUpdated": "2024-08-05T18:51:07.384Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10060
Vulnerability from cvelistv5
Published
2017-03-02 21:00
Modified
2024-08-06 03:07
Severity ?
Summary
The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:07:32.012Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410470"
          },
          {
            "name": "95208",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95208"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/933e96f01a8c889c7bf5ffd30020e86a02a046e7"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/196"
          },
          {
            "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (application crash) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-02T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410470"
        },
        {
          "name": "95208",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95208"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/933e96f01a8c889c7bf5ffd30020e86a02a046e7"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/196"
        },
        {
          "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10060",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (application crash) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410470",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410470"
            },
            {
              "name": "95208",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95208"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/933e96f01a8c889c7bf5ffd30020e86a02a046e7",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/933e96f01a8c889c7bf5ffd30020e86a02a046e7"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/196",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/196"
            },
            {
              "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10060",
    "datePublished": "2017-03-02T21:00:00",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-08-06T03:07:32.012Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10068
Vulnerability from cvelistv5
Published
2017-03-02 21:00
Modified
2024-08-06 03:07
Severity ?
Summary
The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:07:32.096Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "95219",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95219"
          },
          {
            "name": "openSUSE-SU-2017:0391",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410500"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/56d6e20de489113617cbbddaf41e92600a34db22"
          },
          {
            "name": "openSUSE-SU-2017:0399",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html"
          },
          {
            "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=30797"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-02T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "95219",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95219"
        },
        {
          "name": "openSUSE-SU-2017:0391",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410500"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/56d6e20de489113617cbbddaf41e92600a34db22"
        },
        {
          "name": "openSUSE-SU-2017:0399",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html"
        },
        {
          "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=30797"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10068",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "95219",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95219"
            },
            {
              "name": "openSUSE-SU-2017:0391",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410500",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410500"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/56d6e20de489113617cbbddaf41e92600a34db22",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/56d6e20de489113617cbbddaf41e92600a34db22"
            },
            {
              "name": "openSUSE-SU-2017:0399",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html"
            },
            {
              "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
            },
            {
              "name": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=30797",
              "refsource": "MISC",
              "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=30797"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10068",
    "datePublished": "2017-03-02T21:00:00",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-08-06T03:07:32.096Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-9262
Vulnerability from cvelistv5
Published
2017-05-29 03:52
Modified
2024-08-05 17:02
Severity ?
Summary
In ImageMagick 7.0.5-6 Q16, the ReadJNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:02:44.092Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/475"
          },
          {
            "name": "98735",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98735"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-05-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-6 Q16, the ReadJNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-05-30T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/475"
        },
        {
          "name": "98735",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98735"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-9262",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-6 Q16, the ReadJNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/475",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/475"
            },
            {
              "name": "98735",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98735"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-9262",
    "datePublished": "2017-05-29T03:52:00",
    "dateReserved": "2017-05-28T00:00:00",
    "dateUpdated": "2024-08-05T17:02:44.092Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-16323
Vulnerability from cvelistv5
Published
2018-09-01 18:00
Modified
2024-08-05 10:17
Severity ?
Summary
ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data.
References
https://www.exploit-db.com/exploits/45890/exploit, x_refsource_EXPLOIT-DB
https://github.com/ImageMagick/ImageMagick/commit/216d117f05bff87b9dc4db55a1b1fadb38bcb786x_refsource_MISC
https://usn.ubuntu.com/3785-1/vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/4034-1/vendor-advisory, x_refsource_UBUNTU
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T10:17:38.466Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "45890",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/45890/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/216d117f05bff87b9dc4db55a1b1fadb38bcb786"
          },
          {
            "name": "USN-3785-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3785-1/"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-09-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-06-25T14:06:13",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "45890",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/45890/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/216d117f05bff87b9dc4db55a1b1fadb38bcb786"
        },
        {
          "name": "USN-3785-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3785-1/"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-16323",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "45890",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/45890/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/216d117f05bff87b9dc4db55a1b1fadb38bcb786",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/216d117f05bff87b9dc4db55a1b1fadb38bcb786"
            },
            {
              "name": "USN-3785-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3785-1/"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-16323",
    "datePublished": "2018-09-01T18:00:00",
    "dateReserved": "2018-09-01T00:00:00",
    "dateUpdated": "2024-08-05T10:17:38.466Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-41817
Vulnerability from cvelistv5
Published
2024-07-29 15:53
Modified
2024-08-02 04:46
Summary
Arbitrary Code Execution in `AppImage` version `ImageMagick`
Impacted products
ImageMagickImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:imagemagick:imagemagick:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "imagemagick",
            "vendor": "imagemagick",
            "versions": [
              {
                "lessThanOrEqual": "7.36",
                "status": "affected",
                "version": "7.11",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-41817",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-29T16:18:23.542726Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-29T16:23:47.450Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:46:53.171Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8rxc-922v-phg8",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8rxc-922v-phg8"
          },
          {
            "name": "https://github.com/ImageMagick/ImageMagick/commit/6526a2b28510ead6a3e14de711bb991ad9abff38",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/6526a2b28510ead6a3e14de711bb991ad9abff38"
          },
          {
            "name": "https://github.com/ImageMagick/ImageMagick/blob/3b22378a23d59d7517c43b65b1822f023df357a0/app-image/AppRun#L11-L14",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/blob/3b22378a23d59d7517c43b65b1822f023df357a0/app-image/AppRun#L11-L14"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "ImageMagick",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 7.11-36"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick is a free and open-source software suite, used for editing and manipulating digital images. The `AppImage` version `ImageMagick` might use an empty path when setting `MAGICK_CONFIGURE_PATH` and `LD_LIBRARY_PATH` environment variables while executing, which might lead to arbitrary code execution by loading malicious configuration files or shared libraries in the current working directory while executing `ImageMagick`. The vulnerability is fixed in 7.11-36."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-427",
              "description": "CWE-427: Uncontrolled Search Path Element",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-29T15:53:17.236Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8rxc-922v-phg8",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8rxc-922v-phg8"
        },
        {
          "name": "https://github.com/ImageMagick/ImageMagick/commit/6526a2b28510ead6a3e14de711bb991ad9abff38",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/6526a2b28510ead6a3e14de711bb991ad9abff38"
        },
        {
          "name": "https://github.com/ImageMagick/ImageMagick/blob/3b22378a23d59d7517c43b65b1822f023df357a0/app-image/AppRun#L11-L14",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/blob/3b22378a23d59d7517c43b65b1822f023df357a0/app-image/AppRun#L11-L14"
        }
      ],
      "source": {
        "advisory": "GHSA-8rxc-922v-phg8",
        "discovery": "UNKNOWN"
      },
      "title": "Arbitrary Code Execution in `AppImage` version `ImageMagick`"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-41817",
    "datePublished": "2024-07-29T15:53:17.236Z",
    "dateReserved": "2024-07-22T13:57:37.137Z",
    "dateUpdated": "2024-08-02T04:46:53.171Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-5508
Vulnerability from cvelistv5
Published
2017-03-24 15:00
Modified
2024-08-05 15:04
Severity ?
Summary
Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:04:14.732Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2017/01/16/6"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/blob/6.9.7-3/ChangeLog"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=31161"
          },
          {
            "name": "GLSA-201702-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201702-09"
          },
          {
            "name": "DSA-3799",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3799"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/c073a7712d82476b5fbee74856c46b88af9c3175"
          },
          {
            "name": "95748",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95748"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851381"
          },
          {
            "name": "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2017/01/17/5"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/blob/7.0.4-3/ChangeLog"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-01-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2017/01/16/6"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/blob/6.9.7-3/ChangeLog"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=31161"
        },
        {
          "name": "GLSA-201702-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201702-09"
        },
        {
          "name": "DSA-3799",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3799"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/c073a7712d82476b5fbee74856c46b88af9c3175"
        },
        {
          "name": "95748",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95748"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851381"
        },
        {
          "name": "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2017/01/17/5"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/blob/7.0.4-3/ChangeLog"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2017-5508",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2017/01/16/6"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/blob/6.9.7-3/ChangeLog",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/blob/6.9.7-3/ChangeLog"
            },
            {
              "name": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=31161",
              "refsource": "CONFIRM",
              "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=31161"
            },
            {
              "name": "GLSA-201702-09",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201702-09"
            },
            {
              "name": "DSA-3799",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3799"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/c073a7712d82476b5fbee74856c46b88af9c3175",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/c073a7712d82476b5fbee74856c46b88af9c3175"
            },
            {
              "name": "95748",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95748"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851381",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851381"
            },
            {
              "name": "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2017/01/17/5"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/blob/7.0.4-3/ChangeLog",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/blob/7.0.4-3/ChangeLog"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2017-5508",
    "datePublished": "2017-03-24T15:00:00",
    "dateReserved": "2017-01-16T00:00:00",
    "dateUpdated": "2024-08-05T15:04:14.732Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-4563
Vulnerability from cvelistv5
Published
2016-06-04 16:00
Modified
2024-08-06 00:32
Severity ?
Summary
The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:32:25.903Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/script/changelog.php"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-05-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-09-20T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.imagemagick.org/script/changelog.php"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-4563",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950"
            },
            {
              "name": "http://www.imagemagick.org/script/changelog.php",
              "refsource": "CONFIRM",
              "url": "http://www.imagemagick.org/script/changelog.php"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-4563",
    "datePublished": "2016-06-04T16:00:00",
    "dateReserved": "2016-05-06T00:00:00",
    "dateUpdated": "2024-08-06T00:32:25.903Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-8862
Vulnerability from cvelistv5
Published
2017-02-15 19:00
Modified
2024-08-06 02:35
Severity ?
Summary
The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick before 7.0.3.3 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:35:01.451Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20161020 imagemagick: memory allocation failure in AcquireMagickMemory (memory.c) (incomplete fix for CVE-2016-8862)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/10/20/3"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://blogs.gentoo.org/ago/2016/10/17/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1387135"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/271"
          },
          {
            "name": "93794",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93794"
          },
          {
            "name": "[oss-security] 20161020 Re: imagemagick: memory allocation failure in AcquireMagickMemory (memory.c)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/10/20/2"
          },
          {
            "name": "DSA-3726",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3726"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-10-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick before 7.0.3.3 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-27T17:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20161020 imagemagick: memory allocation failure in AcquireMagickMemory (memory.c) (incomplete fix for CVE-2016-8862)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/10/20/3"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://blogs.gentoo.org/ago/2016/10/17/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1387135"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/271"
        },
        {
          "name": "93794",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93794"
        },
        {
          "name": "[oss-security] 20161020 Re: imagemagick: memory allocation failure in AcquireMagickMemory (memory.c)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/10/20/2"
        },
        {
          "name": "DSA-3726",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3726"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-8862",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick before 7.0.3.3 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20161020 imagemagick: memory allocation failure in AcquireMagickMemory (memory.c) (incomplete fix for CVE-2016-8862)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/10/20/3"
            },
            {
              "name": "https://blogs.gentoo.org/ago/2016/10/17/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c/",
              "refsource": "MISC",
              "url": "https://blogs.gentoo.org/ago/2016/10/17/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c/"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1387135",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1387135"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/271",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/271"
            },
            {
              "name": "93794",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93794"
            },
            {
              "name": "[oss-security] 20161020 Re: imagemagick: memory allocation failure in AcquireMagickMemory (memory.c)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/10/20/2"
            },
            {
              "name": "DSA-3726",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3726"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-8862",
    "datePublished": "2017-02-15T19:00:00",
    "dateReserved": "2016-10-20T00:00:00",
    "dateUpdated": "2024-08-06T02:35:01.451Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-8562
Vulnerability from cvelistv5
Published
2017-04-11 19:00
Modified
2024-08-06 13:18
Severity ?
Summary
DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:18:48.569Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "70837",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/70837"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://int21.de/cve/CVE-2014-8562-ImageMagick-dcm-oob-heap-overflow.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://packetstormsecurity.com/files/128944/ImageMagick-Out-Of-Bounds-Read-Heap-Overflow.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1159362"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-10-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-11T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "70837",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/70837"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://int21.de/cve/CVE-2014-8562-ImageMagick-dcm-oob-heap-overflow.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://packetstormsecurity.com/files/128944/ImageMagick-Out-Of-Bounds-Read-Heap-Overflow.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1159362"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-8562",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "70837",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/70837"
            },
            {
              "name": "https://int21.de/cve/CVE-2014-8562-ImageMagick-dcm-oob-heap-overflow.html",
              "refsource": "MISC",
              "url": "https://int21.de/cve/CVE-2014-8562-ImageMagick-dcm-oob-heap-overflow.html"
            },
            {
              "name": "https://packetstormsecurity.com/files/128944/ImageMagick-Out-Of-Bounds-Read-Heap-Overflow.html",
              "refsource": "MISC",
              "url": "https://packetstormsecurity.com/files/128944/ImageMagick-Out-Of-Bounds-Read-Heap-Overflow.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1159362",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1159362"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-8562",
    "datePublished": "2017-04-11T19:00:00",
    "dateReserved": "2014-10-30T00:00:00",
    "dateUpdated": "2024-08-06T13:18:48.569Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-7175
Vulnerability from cvelistv5
Published
2019-03-07 22:00
Modified
2024-08-04 20:38
Severity ?
Summary
In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:38:33.498Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1450"
          },
          {
            "name": "openSUSE-SU-2019:1141",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html"
          },
          {
            "name": "openSUSE-SU-2019:1320",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2019-01-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-01T11:06:30",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1450"
        },
        {
          "name": "openSUSE-SU-2019:1141",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html"
        },
        {
          "name": "openSUSE-SU-2019:1320",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-7175",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1450",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1450"
            },
            {
              "name": "openSUSE-SU-2019:1141",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html"
            },
            {
              "name": "openSUSE-SU-2019:1320",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-7175",
    "datePublished": "2019-03-07T22:00:00",
    "dateReserved": "2019-01-29T00:00:00",
    "dateUpdated": "2024-08-04T20:38:33.498Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7906
Vulnerability from cvelistv5
Published
2017-01-18 17:00
Modified
2024-08-06 02:13
Severity ?
Summary
magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to cause a denial of service (use-after-free) via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:13:20.915Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "93271",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93271"
          },
          {
            "name": "[oss-security] 20161002 Re: imagemagick mogrify use after free",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/10/02/3"
          },
          {
            "name": "[oss-security] 20161002 imagemagick mogrify use after free",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/10/02/1"
          },
          {
            "name": "GLSA-201611-21",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201611-21"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/281"
          },
          {
            "name": "DSA-3726",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3726"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/90406972f108c4da71f998601b06abdc2ac6f06e"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-09-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to cause a denial of service (use-after-free) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-08T17:32:08",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "93271",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93271"
        },
        {
          "name": "[oss-security] 20161002 Re: imagemagick mogrify use after free",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/10/02/3"
        },
        {
          "name": "[oss-security] 20161002 imagemagick mogrify use after free",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/10/02/1"
        },
        {
          "name": "GLSA-201611-21",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201611-21"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/281"
        },
        {
          "name": "DSA-3726",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3726"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/90406972f108c4da71f998601b06abdc2ac6f06e"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-7906",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to cause a denial of service (use-after-free) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "93271",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93271"
            },
            {
              "name": "[oss-security] 20161002 Re: imagemagick mogrify use after free",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/10/02/3"
            },
            {
              "name": "[oss-security] 20161002 imagemagick mogrify use after free",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/10/02/1"
            },
            {
              "name": "GLSA-201611-21",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201611-21"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/281",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/281"
            },
            {
              "name": "DSA-3726",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3726"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/90406972f108c4da71f998601b06abdc2ac6f06e",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/90406972f108c4da71f998601b06abdc2ac6f06e"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-7906",
    "datePublished": "2017-01-18T17:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T02:13:20.915Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-3714
Vulnerability from cvelistv5
Published
2016-05-05 18:00
Modified
2024-09-09 16:20
Summary
The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka "ImageTragick."
References
https://access.redhat.com/security/vulnerabilities/2296071x_refsource_CONFIRM
http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLogx_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.htmlvendor-advisory, x_refsource_SUSE
http://www.securitytracker.com/id/1035742vdb-entry, x_refsource_SECTRACK
https://imagetragick.com/x_refsource_MISC
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.htmlx_refsource_CONFIRM
https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2016/05/03/13mailing-list, x_refsource_MLIST
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00041.htmlvendor-advisory, x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.htmlvendor-advisory, x_refsource_SUSE
http://www.ubuntu.com/usn/USN-2990-1vendor-advisory, x_refsource_UBUNTU
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.htmlvendor-advisory, x_refsource_SUSE
http://www.securityfocus.com/archive/1/538378/100/0/threadedmailing-list, x_refsource_BUGTRAQ
https://www.exploit-db.com/exploits/39767/exploit, x_refsource_EXPLOIT-DB
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.htmlvendor-advisory, x_refsource_SUSE
http://www.rapid7.com/db/modules/exploit/unix/fileformat/imagemagick_delegatex_refsource_MISC
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.htmlx_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2016/05/03/18mailing-list, x_refsource_MLIST
http://www.debian.org/security/2016/dsa-3746vendor-advisory, x_refsource_DEBIAN
https://security.gentoo.org/glsa/201611-21vendor-advisory, x_refsource_GENTOO
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.htmlvendor-advisory, x_refsource_SUSE
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568vendor-advisory, x_refsource_SLACKWARE
https://www.imagemagick.org/script/changelog.phpx_refsource_CONFIRM
https://www.exploit-db.com/exploits/39791/exploit, x_refsource_EXPLOIT-DB
http://www.debian.org/security/2016/dsa-3580vendor-advisory, x_refsource_DEBIAN
http://www.securityfocus.com/bid/89848vdb-entry, x_refsource_BID
http://rhn.redhat.com/errata/RHSA-2016-0726.htmlvendor-advisory, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=1332492x_refsource_CONFIRM
https://www.kb.cert.org/vuls/id/250519third-party-advisory, x_refsource_CERT-VN
http://packetstormsecurity.com/files/152364/ImageTragick-ImageMagick-Proof-Of-Concepts.htmlx_refsource_MISC
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:03:34.492Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/vulnerabilities/2296071"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog"
          },
          {
            "name": "openSUSE-SU-2016:1266",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html"
          },
          {
            "name": "1035742",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1035742"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://imagetragick.com/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=29588"
          },
          {
            "name": "[oss-security] 20160503 ImageMagick Is On Fire -- CVE-2016-3714",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/05/03/13"
          },
          {
            "name": "SUSE-SU-2016:1301",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00041.html"
          },
          {
            "name": "openSUSE-SU-2016:1326",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html"
          },
          {
            "name": "USN-2990-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2990-1"
          },
          {
            "name": "openSUSE-SU-2016:1261",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html"
          },
          {
            "name": "20160513 May 2016 - HipChat Server - Critical Security Advisory",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/538378/100/0/threaded"
          },
          {
            "name": "39767",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/39767/"
          },
          {
            "name": "SUSE-SU-2016:1260",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.rapid7.com/db/modules/exploit/unix/fileformat/imagemagick_delegate"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
          },
          {
            "name": "[oss-security] 20160504 Re: ImageMagick Is On Fire -- CVE-2016-3714",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/05/03/18"
          },
          {
            "name": "DSA-3746",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3746"
          },
          {
            "name": "GLSA-201611-21",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201611-21"
          },
          {
            "name": "SUSE-SU-2016:1275",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html"
          },
          {
            "name": "SSA:2016-132-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.440568"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.imagemagick.org/script/changelog.php"
          },
          {
            "name": "39791",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/39791/"
          },
          {
            "name": "DSA-3580",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3580"
          },
          {
            "name": "89848",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/89848"
          },
          {
            "name": "RHSA-2016:0726",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-0726.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332492"
          },
          {
            "name": "VU#250519",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/250519"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/152364/ImageTragick-ImageMagick-Proof-Of-Concepts.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "imagemagick",
            "vendor": "imagemagick",
            "versions": [
              {
                "lessThanOrEqual": "6.9.3-9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:imagemagick:imagemagick:7.0.0-0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "imagemagick",
            "vendor": "imagemagick",
            "versions": [
              {
                "status": "affected",
                "version": "7.0.0-0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:imagemagick:imagemagick:7.0.1-0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "imagemagick",
            "vendor": "imagemagick",
            "versions": [
              {
                "status": "affected",
                "version": "7.0.1-0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
              "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
              "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
              "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ubuntu_linux",
            "vendor": "canonical",
            "versions": [
              {
                "status": "affected",
                "version": "12.04"
              },
              {
                "status": "affected",
                "version": "14.04"
              },
              {
                "status": "affected",
                "version": "15.10"
              },
              {
                "status": "affected",
                "version": "16.04"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "debian_linux",
            "vendor": "debian",
            "versions": [
              {
                "status": "affected",
                "version": "8.0"
              },
              {
                "status": "affected",
                "version": "9.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "opensuse",
            "vendor": "opensuse",
            "versions": [
              {
                "status": "affected",
                "version": "13.2"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "leap",
            "vendor": "opensuse",
            "versions": [
              {
                "status": "affected",
                "version": "42.1"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "suse_linux_enterprise_server",
            "vendor": "suse",
            "versions": [
              {
                "status": "affected",
                "version": "12"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 8.4,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2016-3714",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-07T03:55:20.670421Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2024-09-09",
                "reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-20",
                "description": "CWE-20 Improper Input Validation",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-09T16:20:23.386Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2024-09-09T00:00:00+00:00",
            "value": "CVE-2016-3714 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-05-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka \"ImageTragick.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-04-03T18:06:06",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/security/vulnerabilities/2296071"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog"
        },
        {
          "name": "openSUSE-SU-2016:1266",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html"
        },
        {
          "name": "1035742",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1035742"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://imagetragick.com/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=29588"
        },
        {
          "name": "[oss-security] 20160503 ImageMagick Is On Fire -- CVE-2016-3714",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/05/03/13"
        },
        {
          "name": "SUSE-SU-2016:1301",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00041.html"
        },
        {
          "name": "openSUSE-SU-2016:1326",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html"
        },
        {
          "name": "USN-2990-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2990-1"
        },
        {
          "name": "openSUSE-SU-2016:1261",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html"
        },
        {
          "name": "20160513 May 2016 - HipChat Server - Critical Security Advisory",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/538378/100/0/threaded"
        },
        {
          "name": "39767",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/39767/"
        },
        {
          "name": "SUSE-SU-2016:1260",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.rapid7.com/db/modules/exploit/unix/fileformat/imagemagick_delegate"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
        },
        {
          "name": "[oss-security] 20160504 Re: ImageMagick Is On Fire -- CVE-2016-3714",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/05/03/18"
        },
        {
          "name": "DSA-3746",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3746"
        },
        {
          "name": "GLSA-201611-21",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201611-21"
        },
        {
          "name": "SUSE-SU-2016:1275",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html"
        },
        {
          "name": "SSA:2016-132-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.440568"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.imagemagick.org/script/changelog.php"
        },
        {
          "name": "39791",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/39791/"
        },
        {
          "name": "DSA-3580",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3580"
        },
        {
          "name": "89848",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/89848"
        },
        {
          "name": "RHSA-2016:0726",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-0726.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332492"
        },
        {
          "name": "VU#250519",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://www.kb.cert.org/vuls/id/250519"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/152364/ImageTragick-ImageMagick-Proof-Of-Concepts.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2016-3714",
    "datePublished": "2016-05-05T18:00:00",
    "dateReserved": "2016-03-30T00:00:00",
    "dateUpdated": "2024-09-09T16:20:23.386Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-11656
Vulnerability from cvelistv5
Published
2018-06-01 15:00
Modified
2024-08-05 08:17
Severity ?
Summary
In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function ReadDCMImage in coders/dcm.c, which allows attackers to cause a denial of service via a crafted DCM image file.
References
https://github.com/ImageMagick/ImageMagick/issues/931x_refsource_CONFIRM
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:17:08.383Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/931"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-06-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function ReadDCMImage in coders/dcm.c, which allows attackers to cause a denial of service via a crafted DCM image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/931"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-11656",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function ReadDCMImage in coders/dcm.c, which allows attackers to cause a denial of service via a crafted DCM image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/931",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/931"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-11656",
    "datePublished": "2018-06-01T15:00:00",
    "dateReserved": "2018-06-01T00:00:00",
    "dateUpdated": "2024-08-05T08:17:08.383Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-10649
Vulnerability from cvelistv5
Published
2019-03-30 13:13
Modified
2024-08-04 22:31
Severity ?
Summary
In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.
References
https://github.com/ImageMagick/ImageMagick/issues/1533x_refsource_MISC
http://www.securityfocus.com/bid/107645vdb-entry, x_refsource_BID
https://usn.ubuntu.com/4034-1/vendor-advisory, x_refsource_UBUNTU
https://www.debian.org/security/2020/dsa-4712vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:31:59.927Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1533"
          },
          {
            "name": "107645",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/107645"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-01T11:06:12",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1533"
        },
        {
          "name": "107645",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/107645"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-10649",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1533",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1533"
            },
            {
              "name": "107645",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/107645"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-10649",
    "datePublished": "2019-03-30T13:13:48",
    "dateReserved": "2019-03-30T00:00:00",
    "dateUpdated": "2024-08-04T22:31:59.927Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-1797
Vulnerability from cvelistv5
Published
2007-04-02 22:00
Modified
2024-08-07 13:06
Severity ?
Summary
Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote attackers to execute arbitrary code via (1) a crafted DCM image, which results in a heap-based overflow in the ReadDCMImage function, or (2) the (a) colors or (b) comments field in a crafted XWD image, which results in a heap-based overflow in the ReadXWDImage function, different issues than CVE-2007-1667.
References
http://www.securityfocus.com/bid/23347vdb-entry, x_refsource_BID
http://secunia.com/advisories/29857third-party-advisory, x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200705-13.xmlvendor-advisory, x_refsource_GENTOO
http://www.redhat.com/support/errata/RHSA-2008-0145.htmlvendor-advisory, x_refsource_REDHAT
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9254vdb-entry, signature, x_refsource_OVAL
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=496third-party-advisory, x_refsource_IDEFENSE
https://issues.foresightlinux.org/browse/FL-222x_refsource_CONFIRM
http://secunia.com/advisories/24739third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/29786third-party-advisory, x_refsource_SECUNIA
http://www.securitytracker.com/id?1017839vdb-entry, x_refsource_SECTRACK
https://issues.rpath.com/browse/RPL-1205x_refsource_CONFIRM
http://www.ubuntu.com/usn/usn-481-1vendor-advisory, x_refsource_UBUNTU
http://www.securityfocus.com/bid/23252vdb-entry, x_refsource_BID
http://secunia.com/advisories/25992third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/26177third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2008-0165.htmlvendor-advisory, x_refsource_REDHAT
https://exchange.xforce.ibmcloud.com/vulnerabilities/33377vdb-entry, x_refsource_XF
http://www.vupen.com/english/advisories/2007/1200vdb-entry, x_refsource_VUPEN
http://www.novell.com/linux/security/advisories/2007_8_sr.htmlvendor-advisory, x_refsource_SUSE
http://www.debian.org/security/2009/dsa-1858vendor-advisory, x_refsource_DEBIAN
http://www.imagemagick.org/script/changelog.phpx_refsource_MISC
http://www.mandriva.com/security/advisories?name=MDKSA-2007:147vendor-advisory, x_refsource_MANDRIVA
https://exchange.xforce.ibmcloud.com/vulnerabilities/33376vdb-entry, x_refsource_XF
http://secunia.com/advisories/24721third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/25072third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/25206third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/36260third-party-advisory, x_refsource_SECUNIA
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:06:26.369Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "23347",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/23347"
          },
          {
            "name": "29857",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29857"
          },
          {
            "name": "GLSA-200705-13",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200705-13.xml"
          },
          {
            "name": "RHSA-2008:0145",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0145.html"
          },
          {
            "name": "oval:org.mitre.oval:def:9254",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9254"
          },
          {
            "name": "20070331 Multiple Vendor ImageMagick DCM and XWD Buffer Overflow Vulnerabilities",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=496"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.foresightlinux.org/browse/FL-222"
          },
          {
            "name": "24739",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24739"
          },
          {
            "name": "29786",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29786"
          },
          {
            "name": "1017839",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1017839"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1205"
          },
          {
            "name": "USN-481-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-481-1"
          },
          {
            "name": "23252",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/23252"
          },
          {
            "name": "25992",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25992"
          },
          {
            "name": "26177",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26177"
          },
          {
            "name": "RHSA-2008:0165",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0165.html"
          },
          {
            "name": "imagemagick-readxwdimage-bo(33377)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33377"
          },
          {
            "name": "ADV-2007-1200",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1200"
          },
          {
            "name": "SUSE-SR:2007:008",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_8_sr.html"
          },
          {
            "name": "DSA-1858",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1858"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/script/changelog.php"
          },
          {
            "name": "MDKSA-2007:147",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:147"
          },
          {
            "name": "imagemagick-readdcmimage-bo(33376)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33376"
          },
          {
            "name": "24721",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24721"
          },
          {
            "name": "25072",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25072"
          },
          {
            "name": "25206",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25206"
          },
          {
            "name": "36260",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36260"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-03-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote attackers to execute arbitrary code via (1) a crafted DCM image, which results in a heap-based overflow in the ReadDCMImage function, or (2) the (a) colors or (b) comments field in a crafted XWD image, which results in a heap-based overflow in the ReadXWDImage function, different issues than CVE-2007-1667."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "23347",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/23347"
        },
        {
          "name": "29857",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29857"
        },
        {
          "name": "GLSA-200705-13",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200705-13.xml"
        },
        {
          "name": "RHSA-2008:0145",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0145.html"
        },
        {
          "name": "oval:org.mitre.oval:def:9254",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9254"
        },
        {
          "name": "20070331 Multiple Vendor ImageMagick DCM and XWD Buffer Overflow Vulnerabilities",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=496"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.foresightlinux.org/browse/FL-222"
        },
        {
          "name": "24739",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24739"
        },
        {
          "name": "29786",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29786"
        },
        {
          "name": "1017839",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1017839"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1205"
        },
        {
          "name": "USN-481-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-481-1"
        },
        {
          "name": "23252",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/23252"
        },
        {
          "name": "25992",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25992"
        },
        {
          "name": "26177",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26177"
        },
        {
          "name": "RHSA-2008:0165",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0165.html"
        },
        {
          "name": "imagemagick-readxwdimage-bo(33377)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33377"
        },
        {
          "name": "ADV-2007-1200",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1200"
        },
        {
          "name": "SUSE-SR:2007:008",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_8_sr.html"
        },
        {
          "name": "DSA-1858",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1858"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.imagemagick.org/script/changelog.php"
        },
        {
          "name": "MDKSA-2007:147",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:147"
        },
        {
          "name": "imagemagick-readdcmimage-bo(33376)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33376"
        },
        {
          "name": "24721",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24721"
        },
        {
          "name": "25072",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25072"
        },
        {
          "name": "25206",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25206"
        },
        {
          "name": "36260",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36260"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-1797",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote attackers to execute arbitrary code via (1) a crafted DCM image, which results in a heap-based overflow in the ReadDCMImage function, or (2) the (a) colors or (b) comments field in a crafted XWD image, which results in a heap-based overflow in the ReadXWDImage function, different issues than CVE-2007-1667."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "23347",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/23347"
            },
            {
              "name": "29857",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29857"
            },
            {
              "name": "GLSA-200705-13",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200705-13.xml"
            },
            {
              "name": "RHSA-2008:0145",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0145.html"
            },
            {
              "name": "oval:org.mitre.oval:def:9254",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9254"
            },
            {
              "name": "20070331 Multiple Vendor ImageMagick DCM and XWD Buffer Overflow Vulnerabilities",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=496"
            },
            {
              "name": "https://issues.foresightlinux.org/browse/FL-222",
              "refsource": "CONFIRM",
              "url": "https://issues.foresightlinux.org/browse/FL-222"
            },
            {
              "name": "24739",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24739"
            },
            {
              "name": "29786",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29786"
            },
            {
              "name": "1017839",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1017839"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1205",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1205"
            },
            {
              "name": "USN-481-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-481-1"
            },
            {
              "name": "23252",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/23252"
            },
            {
              "name": "25992",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25992"
            },
            {
              "name": "26177",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26177"
            },
            {
              "name": "RHSA-2008:0165",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0165.html"
            },
            {
              "name": "imagemagick-readxwdimage-bo(33377)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33377"
            },
            {
              "name": "ADV-2007-1200",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1200"
            },
            {
              "name": "SUSE-SR:2007:008",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_8_sr.html"
            },
            {
              "name": "DSA-1858",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1858"
            },
            {
              "name": "http://www.imagemagick.org/script/changelog.php",
              "refsource": "MISC",
              "url": "http://www.imagemagick.org/script/changelog.php"
            },
            {
              "name": "MDKSA-2007:147",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:147"
            },
            {
              "name": "imagemagick-readdcmimage-bo(33376)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33376"
            },
            {
              "name": "24721",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24721"
            },
            {
              "name": "25072",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25072"
            },
            {
              "name": "25206",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25206"
            },
            {
              "name": "36260",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36260"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-1797",
    "datePublished": "2007-04-02T22:00:00",
    "dateReserved": "2007-04-02T00:00:00",
    "dateUpdated": "2024-08-07T13:06:26.369Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-7397
Vulnerability from cvelistv5
Published
2019-02-05 00:00
Modified
2024-08-04 20:46
Severity ?
Summary
In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:46:46.267Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "106847",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/106847"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1454"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82"
          },
          {
            "name": "openSUSE-SU-2019:1141",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html"
          },
          {
            "name": "openSUSE-SU-2019:1320",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2019-02-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-01T11:06:15",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "106847",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/106847"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1454"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82"
        },
        {
          "name": "openSUSE-SU-2019:1141",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html"
        },
        {
          "name": "openSUSE-SU-2019:1320",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-7397",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "106847",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/106847"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1454",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1454"
            },
            {
              "name": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1",
              "refsource": "MISC",
              "url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82"
            },
            {
              "name": "openSUSE-SU-2019:1141",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html"
            },
            {
              "name": "openSUSE-SU-2019:1320",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-7397",
    "datePublished": "2019-02-05T00:00:00",
    "dateReserved": "2019-02-04T00:00:00",
    "dateUpdated": "2024-08-04T20:46:46.267Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-13307
Vulnerability from cvelistv5
Published
2019-07-05 00:53
Modified
2024-08-04 23:49
Severity ?
Summary
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:49:24.572Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1615"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/91e58d967a92250439ede038ccfb0913a81e59fe"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/025e77fcb2f45b21689931ba3bf74eac153afa48"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          },
          {
            "name": "DSA-4715",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4715"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-03T11:06:07",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1615"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/91e58d967a92250439ede038ccfb0913a81e59fe"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/025e77fcb2f45b21689931ba3bf74eac153afa48"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        },
        {
          "name": "DSA-4715",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4715"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13307",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1615",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1615"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick6/commit/91e58d967a92250439ede038ccfb0913a81e59fe",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick6/commit/91e58d967a92250439ede038ccfb0913a81e59fe"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/025e77fcb2f45b21689931ba3bf74eac153afa48",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/025e77fcb2f45b21689931ba3bf74eac153afa48"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            },
            {
              "name": "DSA-4715",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4715"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13307",
    "datePublished": "2019-07-05T00:53:35",
    "dateReserved": "2019-07-04T00:00:00",
    "dateUpdated": "2024-08-04T23:49:24.572Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-14551
Vulnerability from cvelistv5
Published
2018-07-23 08:00
Modified
2024-08-05 09:29
Severity ?
Summary
The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory corruption.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:29:51.676Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1221"
          },
          {
            "name": "USN-3785-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3785-1/"
          },
          {
            "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-07-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory corruption."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-19T01:06:13",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1221"
        },
        {
          "name": "USN-3785-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3785-1/"
        },
        {
          "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-14551",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory corruption."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1221",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1221"
            },
            {
              "name": "USN-3785-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3785-1/"
            },
            {
              "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-14551",
    "datePublished": "2018-07-23T08:00:00",
    "dateReserved": "2018-07-23T00:00:00",
    "dateUpdated": "2024-08-05T09:29:51.676Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-13308
Vulnerability from cvelistv5
Published
2019-07-05 00:53
Modified
2024-08-04 23:49
Severity ?
Summary
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:49:24.605Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1595"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/61135001a625364e29bdce83832f043eebde7b5a"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/19651f3db63fa1511ed83a348c4c82fa553f8d01"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:25",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1595"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/61135001a625364e29bdce83832f043eebde7b5a"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/19651f3db63fa1511ed83a348c4c82fa553f8d01"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13308",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1595",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1595"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/61135001a625364e29bdce83832f043eebde7b5a",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/61135001a625364e29bdce83832f043eebde7b5a"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick6/commit/19651f3db63fa1511ed83a348c4c82fa553f8d01",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick6/commit/19651f3db63fa1511ed83a348c4c82fa553f8d01"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13308",
    "datePublished": "2019-07-05T00:53:43",
    "dateReserved": "2019-07-04T00:00:00",
    "dateUpdated": "2024-08-04T23:49:24.605Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-13134
Vulnerability from cvelistv5
Published
2019-07-01 19:27
Modified
2024-08-04 23:41
Severity ?
Summary
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:41:10.533Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1600"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/fe3066122ef72c82415811d25e9e3fad622c0a99"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-21T14:06:17",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1600"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/fe3066122ef72c82415811d25e9e3fad622c0a99"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13134",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1600",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1600"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/fe3066122ef72c82415811d25e9e3fad622c0a99",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/fe3066122ef72c82415811d25e9e3fad622c0a99"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13134",
    "datePublished": "2019-07-01T19:27:24",
    "dateReserved": "2019-07-01T00:00:00",
    "dateUpdated": "2024-08-04T23:41:10.533Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-9405
Vulnerability from cvelistv5
Published
2017-06-02 19:00
Modified
2024-09-16 17:43
Severity ?
Summary
In ImageMagick 7.0.5-5, the ReadICONImage function in icon.c:452 allows attackers to cause a denial of service (memory leak) via a crafted file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:02:44.436Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/457"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-5, the ReadICONImage function in icon.c:452 allows attackers to cause a denial of service (memory leak) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-06-02T19:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/457"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-9405",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-5, the ReadICONImage function in icon.c:452 allows attackers to cause a denial of service (memory leak) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/457",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/457"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-9405",
    "datePublished": "2017-06-02T19:00:00Z",
    "dateReserved": "2017-06-02T00:00:00Z",
    "dateUpdated": "2024-09-16T17:43:27.842Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10055
Vulnerability from cvelistv5
Published
2017-03-23 17:00
Modified
2024-08-06 03:07
Severity ?
Summary
Buffer overflow in the WritePDBImage function in coders/pdb.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:07:32.015Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410464"
          },
          {
            "name": "95193",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95193"
          },
          {
            "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/eedd0c35bb2d8af7aa05f215689fdebd11633fa1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the WritePDBImage function in coders/pdb.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-14T20:44:49",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410464"
        },
        {
          "name": "95193",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95193"
        },
        {
          "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/eedd0c35bb2d8af7aa05f215689fdebd11633fa1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10055",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the WritePDBImage function in coders/pdb.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410464",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410464"
            },
            {
              "name": "95193",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95193"
            },
            {
              "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/eedd0c35bb2d8af7aa05f215689fdebd11633fa1",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/eedd0c35bb2d8af7aa05f215689fdebd11633fa1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10055",
    "datePublished": "2017-03-23T17:00:00",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-08-06T03:07:32.015Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27768
Vulnerability from cvelistv5
Published
2021-02-23 00:00
Modified
2024-08-04 16:18
Severity ?
Summary
In ImageMagick, there is an outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h. This flaw affects ImageMagick versions prior to 7.0.9-0.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.666Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894689"
          },
          {
            "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick prior to 7.0.9-0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick, there is an outside the range of representable values of type \u0027unsigned int\u0027 at MagickCore/quantum-private.h. This flaw affects ImageMagick versions prior to 7.0.9-0."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894689"
        },
        {
          "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27768",
    "datePublished": "2021-02-23T00:00:00",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.666Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-13769
Vulnerability from cvelistv5
Published
2017-08-30 09:00
Modified
2024-08-05 19:05
Severity ?
Summary
The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file.
References
https://www.debian.org/security/2017/dsa-4040vendor-advisory, x_refsource_DEBIAN
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://security.gentoo.org/glsa/201711-07vendor-advisory, x_refsource_GENTOO
https://www.debian.org/security/2017/dsa-4032vendor-advisory, x_refsource_DEBIAN
https://github.com/ImageMagick/ImageMagick/issues/705x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:05:20.101Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-4040",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4040"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "name": "DSA-4032",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4032"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/705"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-4040",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4040"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "name": "DSA-4032",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4032"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/705"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-13769",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-4040",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4040"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "DSA-4032",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4032"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/705",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/705"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-13769",
    "datePublished": "2017-08-30T09:00:00",
    "dateReserved": "2017-08-30T00:00:00",
    "dateUpdated": "2024-08-05T19:05:20.101Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-13296
Vulnerability from cvelistv5
Published
2019-07-05 00:50
Modified
2024-08-04 23:49
Severity ?
Summary
ImageMagick 7.0.8-50 Q16 has direct memory leaks in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c for a NULL value.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:49:24.599Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1604"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/ce08a3691a8ac29125e29fc41967b3737fa3f425"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-50 Q16 has direct memory leaks in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c for a NULL value."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-21T14:06:18",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1604"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/ce08a3691a8ac29125e29fc41967b3737fa3f425"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13296",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-50 Q16 has direct memory leaks in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c for a NULL value."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1604",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1604"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/ce08a3691a8ac29125e29fc41967b3737fa3f425",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/ce08a3691a8ac29125e29fc41967b3737fa3f425"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13296",
    "datePublished": "2019-07-05T00:50:58",
    "dateReserved": "2019-07-04T00:00:00",
    "dateUpdated": "2024-08-04T23:49:24.599Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-10714
Vulnerability from cvelistv5
Published
2019-04-02 20:16
Modified
2024-08-04 22:32
Severity ?
Summary
LocaleLowercase in MagickCore/locale.c in ImageMagick before 7.0.8-32 allows out-of-bounds access, leading to a SIGSEGV.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:32:01.242Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/58d9c46929ca0828edde34d263700c3a5fe8dc3c"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/edc7d3035883ddca8413e4fe7689aa2e579ef04a"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/07eebcd72f45c8fd7563d3f9ec5d2bed48f65f36"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1495"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "LocaleLowercase in MagickCore/locale.c in ImageMagick before 7.0.8-32 allows out-of-bounds access, leading to a SIGSEGV."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-04-02T20:16:04",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/58d9c46929ca0828edde34d263700c3a5fe8dc3c"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/edc7d3035883ddca8413e4fe7689aa2e579ef04a"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/07eebcd72f45c8fd7563d3f9ec5d2bed48f65f36"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1495"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-10714",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "LocaleLowercase in MagickCore/locale.c in ImageMagick before 7.0.8-32 allows out-of-bounds access, leading to a SIGSEGV."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/58d9c46929ca0828edde34d263700c3a5fe8dc3c",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/58d9c46929ca0828edde34d263700c3a5fe8dc3c"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/edc7d3035883ddca8413e4fe7689aa2e579ef04a",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/edc7d3035883ddca8413e4fe7689aa2e579ef04a"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/07eebcd72f45c8fd7563d3f9ec5d2bed48f65f36",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/07eebcd72f45c8fd7563d3f9ec5d2bed48f65f36"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1495",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1495"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-10714",
    "datePublished": "2019-04-02T20:16:04",
    "dateReserved": "2019-04-02T00:00:00",
    "dateUpdated": "2024-08-04T22:32:01.242Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-0761
Vulnerability from cvelistv5
Published
2005-03-26 05:00
Modified
2024-08-07 21:28
Severity ?
Summary
Unknown vulnerability in ImageMagick before 6.1.8 allows remote attackers to cause a denial of service (application crash) via a crafted PSD file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:28:27.138Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2005:070",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2005-070.html"
          },
          {
            "name": "oval:org.mitre.oval:def:11150",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11150"
          },
          {
            "name": "1013550",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1013550"
          },
          {
            "name": "12876",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12876"
          },
          {
            "name": "SUSE-SA:2005:017",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-03-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unknown vulnerability in ImageMagick before 6.1.8 allows remote attackers to cause a denial of service (application crash) via a crafted PSD file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2005:070",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2005-070.html"
        },
        {
          "name": "oval:org.mitre.oval:def:11150",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11150"
        },
        {
          "name": "1013550",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1013550"
        },
        {
          "name": "12876",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12876"
        },
        {
          "name": "SUSE-SA:2005:017",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-0761",
    "datePublished": "2005-03-26T05:00:00",
    "dateReserved": "2005-03-17T00:00:00",
    "dateUpdated": "2024-08-07T21:28:27.138Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-19667
Vulnerability from cvelistv5
Published
2020-11-20 00:00
Modified
2024-08-04 14:15
Severity ?
Summary
Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T14:15:27.876Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1895"
          },
          {
            "name": "[debian-lts-announce] 20210112 [SECURITY] [DLA 2523-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1895"
        },
        {
          "name": "[debian-lts-announce] 20210112 [SECURITY] [DLA 2523-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-19667",
    "datePublished": "2020-11-20T00:00:00",
    "dateReserved": "2020-08-13T00:00:00",
    "dateUpdated": "2024-08-04T14:15:27.876Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-2030
Vulnerability from cvelistv5
Published
2020-02-06 14:58
Modified
2024-08-06 09:58
Severity ?
Summary
Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-1947.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:58:16.263Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/02/12/2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/02/13/5"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/02/19/13"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064098"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00032.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00039.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-2132-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://web.archive.org/web/20090120112751/http://trac.imagemagick.org/changeset/13736"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-02-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-1947."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-06T14:58:56",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/02/12/2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/02/13/5"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/02/19/13"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064098"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00032.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00039.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://ubuntu.com/usn/usn-2132-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://web.archive.org/web/20090120112751/http://trac.imagemagick.org/changeset/13736"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-2030",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-1947."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.openwall.com/lists/oss-security/2014/02/12/2",
              "refsource": "MISC",
              "url": "http://www.openwall.com/lists/oss-security/2014/02/12/2"
            },
            {
              "name": "http://www.openwall.com/lists/oss-security/2014/02/13/5",
              "refsource": "MISC",
              "url": "http://www.openwall.com/lists/oss-security/2014/02/13/5"
            },
            {
              "name": "http://www.openwall.com/lists/oss-security/2014/02/19/13",
              "refsource": "MISC",
              "url": "http://www.openwall.com/lists/oss-security/2014/02/19/13"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1064098",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064098"
            },
            {
              "name": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00032.html",
              "refsource": "CONFIRM",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00032.html"
            },
            {
              "name": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00039.html",
              "refsource": "CONFIRM",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00039.html"
            },
            {
              "name": "http://ubuntu.com/usn/usn-2132-1",
              "refsource": "CONFIRM",
              "url": "http://ubuntu.com/usn/usn-2132-1"
            },
            {
              "name": "https://web.archive.org/web/20090120112751/http://trac.imagemagick.org/changeset/13736",
              "refsource": "CONFIRM",
              "url": "https://web.archive.org/web/20090120112751/http://trac.imagemagick.org/changeset/13736"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-2030",
    "datePublished": "2020-02-06T14:58:56",
    "dateReserved": "2014-02-19T00:00:00",
    "dateUpdated": "2024-08-06T09:58:16.263Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-18211
Vulnerability from cvelistv5
Published
2018-03-01 20:00
Modified
2024-08-05 21:13
Severity ?
Summary
In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function saveBinaryCLProgram in magick/opencl.c because a program-lookup result is not checked, related to CacheOpenCLKernel.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:13:49.056Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/792"
          },
          {
            "name": "103220",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/103220"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-03-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function saveBinaryCLProgram in magick/opencl.c because a program-lookup result is not checked, related to CacheOpenCLKernel."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:20",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/792"
        },
        {
          "name": "103220",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/103220"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-18211",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function saveBinaryCLProgram in magick/opencl.c because a program-lookup result is not checked, related to CacheOpenCLKernel."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/792",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/792"
            },
            {
              "name": "103220",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/103220"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-18211",
    "datePublished": "2018-03-01T20:00:00",
    "dateReserved": "2018-03-01T00:00:00",
    "dateUpdated": "2024-08-05T21:13:49.056Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-34151
Vulnerability from cvelistv5
Published
2023-05-30 00:00
Modified
2024-08-02 16:01
Severity ?
Summary
A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546).
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T16:01:54.137Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/6341"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-34151"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2210657"
          },
          {
            "name": "FEDORA-2023-d53831b69d",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V/"
          },
          {
            "name": "FEDORA-2023-edbdccae2a",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/"
          },
          {
            "name": "[debian-lts-announce] 20240222 [SECURITY] [DLA 3737-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick-6.7"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-22T11:05:56.270516",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://github.com/ImageMagick/ImageMagick/issues/6341"
        },
        {
          "url": "https://access.redhat.com/security/cve/CVE-2023-34151"
        },
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2210657"
        },
        {
          "name": "FEDORA-2023-d53831b69d",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V/"
        },
        {
          "name": "FEDORA-2023-edbdccae2a",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/"
        },
        {
          "name": "[debian-lts-announce] 20240222 [SECURITY] [DLA 3737-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00007.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-34151",
    "datePublished": "2023-05-30T00:00:00",
    "dateReserved": "2023-05-29T00:00:00",
    "dateUpdated": "2024-08-02T16:01:54.137Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7529
Vulnerability from cvelistv5
Published
2017-04-19 14:00
Modified
2024-08-06 02:04
Severity ?
Summary
coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted XCF file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:04:54.769Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/104"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539051"
          },
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539052"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/a2e1064f288a353bc5fef7f79ccb7683759e775c"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/103"
          },
          {
            "name": "93131",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93131"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378761"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted XCF file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-20T09:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/104"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539051"
        },
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539052"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/a2e1064f288a353bc5fef7f79ccb7683759e775c"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/103"
        },
        {
          "name": "93131",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93131"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378761"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-7529",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted XCF file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/104",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/104"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539051",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539051"
            },
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539052",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1539052"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/a2e1064f288a353bc5fef7f79ccb7683759e775c",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/a2e1064f288a353bc5fef7f79ccb7683759e775c"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/103",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/103"
            },
            {
              "name": "93131",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93131"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378761",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378761"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-7529",
    "datePublished": "2017-04-19T14:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T02:04:54.769Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-0248
Vulnerability from cvelistv5
Published
2012-06-05 22:00
Modified
2024-08-06 18:16
Severity ?
Summary
ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF.
References
http://www.gentoo.org/security/en/glsa/glsa-201203-09.xmlvendor-advisory, x_refsource_GENTOO
http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20286x_refsource_CONFIRM
http://secunia.com/advisories/49068third-party-advisory, x_refsource_SECUNIA
http://www.cert.fi/en/reports/2012/vulnerability595210.htmlx_refsource_MISC
http://secunia.com/advisories/48259third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/49043third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/51957vdb-entry, x_refsource_BID
http://secunia.com/advisories/49063third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2012/dsa-2427vendor-advisory, x_refsource_DEBIAN
http://rhn.redhat.com/errata/RHSA-2012-0544.htmlvendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/47926third-party-advisory, x_refsource_SECUNIA
http://ubuntu.com/usn/usn-1435-1vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/48247third-party-advisory, x_refsource_SECUNIA
http://www.osvdb.org/79003vdb-entry, x_refsource_OSVDB
http://www.securitytracker.com/id?1027032vdb-entry, x_refsource_SECTRACK
http://rhn.redhat.com/errata/RHSA-2012-0545.htmlvendor-advisory, x_refsource_REDHAT
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T18:16:20.024Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201203-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-09.xml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=20286"
          },
          {
            "name": "49068",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49068"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.cert.fi/en/reports/2012/vulnerability595210.html"
          },
          {
            "name": "48259",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48259"
          },
          {
            "name": "49043",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49043"
          },
          {
            "name": "51957",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/51957"
          },
          {
            "name": "49063",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49063"
          },
          {
            "name": "DSA-2427",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2427"
          },
          {
            "name": "RHSA-2012:0544",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0544.html"
          },
          {
            "name": "47926",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/47926"
          },
          {
            "name": "USN-1435-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-1435-1"
          },
          {
            "name": "48247",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48247"
          },
          {
            "name": "79003",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/79003"
          },
          {
            "name": "1027032",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1027032"
          },
          {
            "name": "RHSA-2012:0545",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0545.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-02-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2012-11-27T10:00:00",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "GLSA-201203-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-09.xml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=20286"
        },
        {
          "name": "49068",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49068"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.cert.fi/en/reports/2012/vulnerability595210.html"
        },
        {
          "name": "48259",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48259"
        },
        {
          "name": "49043",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49043"
        },
        {
          "name": "51957",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/51957"
        },
        {
          "name": "49063",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49063"
        },
        {
          "name": "DSA-2427",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2427"
        },
        {
          "name": "RHSA-2012:0544",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-0544.html"
        },
        {
          "name": "47926",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/47926"
        },
        {
          "name": "USN-1435-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-1435-1"
        },
        {
          "name": "48247",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48247"
        },
        {
          "name": "79003",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/79003"
        },
        {
          "name": "1027032",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1027032"
        },
        {
          "name": "RHSA-2012:0545",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-0545.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2012-0248",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-201203-09",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-201203-09.xml"
            },
            {
              "name": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=20286",
              "refsource": "CONFIRM",
              "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=20286"
            },
            {
              "name": "49068",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/49068"
            },
            {
              "name": "http://www.cert.fi/en/reports/2012/vulnerability595210.html",
              "refsource": "MISC",
              "url": "http://www.cert.fi/en/reports/2012/vulnerability595210.html"
            },
            {
              "name": "48259",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48259"
            },
            {
              "name": "49043",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/49043"
            },
            {
              "name": "51957",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/51957"
            },
            {
              "name": "49063",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/49063"
            },
            {
              "name": "DSA-2427",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2427"
            },
            {
              "name": "RHSA-2012:0544",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0544.html"
            },
            {
              "name": "47926",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/47926"
            },
            {
              "name": "USN-1435-1",
              "refsource": "UBUNTU",
              "url": "http://ubuntu.com/usn/usn-1435-1"
            },
            {
              "name": "48247",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48247"
            },
            {
              "name": "79003",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/79003"
            },
            {
              "name": "1027032",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1027032"
            },
            {
              "name": "RHSA-2012:0545",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0545.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2012-0248",
    "datePublished": "2012-06-05T22:00:00",
    "dateReserved": "2011-12-21T00:00:00",
    "dateUpdated": "2024-08-06T18:16:20.024Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-10805
Vulnerability from cvelistv5
Published
2018-05-08 07:00
Modified
2024-08-05 07:46
Severity ?
Summary
ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.
References
https://github.com/ImageMagick/ImageMagick/issues/1054x_refsource_MISC
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:46:47.049Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1054"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-05-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1054"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-10805",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1054",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1054"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-10805",
    "datePublished": "2018-05-08T07:00:00",
    "dateReserved": "2018-05-08T00:00:00",
    "dateUpdated": "2024-08-05T07:46:47.049Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11755
Vulnerability from cvelistv5
Published
2017-07-30 18:00
Modified
2024-08-05 18:19
Severity ?
Summary
The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an AcquireSemaphoreInfo call.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:19:39.032Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/634"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an AcquireSemaphoreInfo call."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-30T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/634"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11755",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an AcquireSemaphoreInfo call."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/634",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/634"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11755",
    "datePublished": "2017-07-30T18:00:00",
    "dateReserved": "2017-07-30T00:00:00",
    "dateUpdated": "2024-08-05T18:19:39.032Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2006-4144
Vulnerability from cvelistv5
Published
2006-08-15 23:00
Modified
2024-08-07 18:57
Severity ?
Summary
Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large (1) bytes_per_pixel, (2) columns, and (3) rows values, which trigger a heap-based buffer overflow.
References
http://secunia.com/advisories/21679third-party-advisory, x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/28372vdb-entry, x_refsource_XF
http://www.securityfocus.com/bid/19507vdb-entry, x_refsource_BID
http://secunia.com/advisories/21671third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/21832third-party-advisory, x_refsource_SECUNIA
http://www.overflow.pl/adv/imsgiheap.txtx_refsource_MISC
http://www.novell.com/linux/security/advisories/2006_50_imagemagick.htmlvendor-advisory, x_refsource_SUSE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11129vdb-entry, signature, x_refsource_OVAL
http://www.securityfocus.com/archive/1/443362/100/0/threadedmailing-list, x_refsource_BUGTRAQ
https://issues.rpath.com/browse/RPL-605x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDKSA-2006:155vendor-advisory, x_refsource_MANDRIVA
http://security.gentoo.org/glsa/glsa-200609-14.xmlvendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/22096third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/21621third-party-advisory, x_refsource_SECUNIA
ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.ascvendor-advisory, x_refsource_SGI
http://www.ubuntu.com/usn/usn-337-1vendor-advisory, x_refsource_UBUNTU
http://www.redhat.com/support/errata/RHSA-2006-0633.htmlvendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/21462third-party-advisory, x_refsource_SECUNIA
http://securitytracker.com/id?1016699vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/22998third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2006/dsa-1213vendor-advisory, x_refsource_DEBIAN
http://securityreason.com/securityalert/1385third-party-advisory, x_refsource_SREASON
http://secunia.com/advisories/22036third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/443208/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://secunia.com/advisories/21525third-party-advisory, x_refsource_SECUNIA
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:57:46.220Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "21679",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21679"
          },
          {
            "name": "imagemagick-readsgiimage-bo(28372)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28372"
          },
          {
            "name": "19507",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/19507"
          },
          {
            "name": "21671",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21671"
          },
          {
            "name": "21832",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21832"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.overflow.pl/adv/imsgiheap.txt"
          },
          {
            "name": "SUSE-SA:2006:050",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2006_50_imagemagick.html"
          },
          {
            "name": "oval:org.mitre.oval:def:11129",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11129"
          },
          {
            "name": "20060816 Re: [Overflow.pl] ImageMagick ReadSGIImage() Heap Overflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/443362/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-605"
          },
          {
            "name": "MDKSA-2006:155",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:155"
          },
          {
            "name": "GLSA-200609-14",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200609-14.xml"
          },
          {
            "name": "22096",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22096"
          },
          {
            "name": "21621",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21621"
          },
          {
            "name": "20060901-01-P",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc"
          },
          {
            "name": "USN-337-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-337-1"
          },
          {
            "name": "RHSA-2006:0633",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0633.html"
          },
          {
            "name": "21462",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21462"
          },
          {
            "name": "1016699",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016699"
          },
          {
            "name": "22998",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22998"
          },
          {
            "name": "DSA-1213",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1213"
          },
          {
            "name": "1385",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/1385"
          },
          {
            "name": "22036",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22036"
          },
          {
            "name": "20060814 [Overflow.pl] ImageMagick ReadSGIImage() Heap Overflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/443208/100/0/threaded"
          },
          {
            "name": "21525",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21525"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-08-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large (1) bytes_per_pixel, (2) columns, and (3) rows values, which trigger a heap-based buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-17T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "21679",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21679"
        },
        {
          "name": "imagemagick-readsgiimage-bo(28372)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28372"
        },
        {
          "name": "19507",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/19507"
        },
        {
          "name": "21671",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21671"
        },
        {
          "name": "21832",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21832"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.overflow.pl/adv/imsgiheap.txt"
        },
        {
          "name": "SUSE-SA:2006:050",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2006_50_imagemagick.html"
        },
        {
          "name": "oval:org.mitre.oval:def:11129",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11129"
        },
        {
          "name": "20060816 Re: [Overflow.pl] ImageMagick ReadSGIImage() Heap Overflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/443362/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-605"
        },
        {
          "name": "MDKSA-2006:155",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:155"
        },
        {
          "name": "GLSA-200609-14",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200609-14.xml"
        },
        {
          "name": "22096",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22096"
        },
        {
          "name": "21621",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21621"
        },
        {
          "name": "20060901-01-P",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc"
        },
        {
          "name": "USN-337-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-337-1"
        },
        {
          "name": "RHSA-2006:0633",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0633.html"
        },
        {
          "name": "21462",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21462"
        },
        {
          "name": "1016699",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016699"
        },
        {
          "name": "22998",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22998"
        },
        {
          "name": "DSA-1213",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1213"
        },
        {
          "name": "1385",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/1385"
        },
        {
          "name": "22036",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22036"
        },
        {
          "name": "20060814 [Overflow.pl] ImageMagick ReadSGIImage() Heap Overflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/443208/100/0/threaded"
        },
        {
          "name": "21525",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21525"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-4144",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large (1) bytes_per_pixel, (2) columns, and (3) rows values, which trigger a heap-based buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "21679",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21679"
            },
            {
              "name": "imagemagick-readsgiimage-bo(28372)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28372"
            },
            {
              "name": "19507",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/19507"
            },
            {
              "name": "21671",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21671"
            },
            {
              "name": "21832",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21832"
            },
            {
              "name": "http://www.overflow.pl/adv/imsgiheap.txt",
              "refsource": "MISC",
              "url": "http://www.overflow.pl/adv/imsgiheap.txt"
            },
            {
              "name": "SUSE-SA:2006:050",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2006_50_imagemagick.html"
            },
            {
              "name": "oval:org.mitre.oval:def:11129",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11129"
            },
            {
              "name": "20060816 Re: [Overflow.pl] ImageMagick ReadSGIImage() Heap Overflow",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/443362/100/0/threaded"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-605",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-605"
            },
            {
              "name": "MDKSA-2006:155",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:155"
            },
            {
              "name": "GLSA-200609-14",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200609-14.xml"
            },
            {
              "name": "22096",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22096"
            },
            {
              "name": "21621",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21621"
            },
            {
              "name": "20060901-01-P",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc"
            },
            {
              "name": "USN-337-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-337-1"
            },
            {
              "name": "RHSA-2006:0633",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0633.html"
            },
            {
              "name": "21462",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21462"
            },
            {
              "name": "1016699",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016699"
            },
            {
              "name": "22998",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22998"
            },
            {
              "name": "DSA-1213",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1213"
            },
            {
              "name": "1385",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/1385"
            },
            {
              "name": "22036",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22036"
            },
            {
              "name": "20060814 [Overflow.pl] ImageMagick ReadSGIImage() Heap Overflow",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/443208/100/0/threaded"
            },
            {
              "name": "21525",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21525"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-4144",
    "datePublished": "2006-08-15T23:00:00",
    "dateReserved": "2006-08-15T00:00:00",
    "dateUpdated": "2024-08-07T18:57:46.220Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10066
Vulnerability from cvelistv5
Published
2017-03-03 17:00
Modified
2024-08-06 03:07
Severity ?
Summary
Buffer overflow in the ReadVIFFImage function in coders/viff.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:07:32.122Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "95217",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95217"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410491"
          },
          {
            "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/f6e9d0d9955e85bdd7540b251cd50d598dacc5e6"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/e45e48b881038487d0bc94d92a16c1537616cc0a"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the ReadVIFFImage function in coders/viff.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-24T22:08:48",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "95217",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95217"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410491"
        },
        {
          "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/f6e9d0d9955e85bdd7540b251cd50d598dacc5e6"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/e45e48b881038487d0bc94d92a16c1537616cc0a"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10066",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the ReadVIFFImage function in coders/viff.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "95217",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95217"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410491",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410491"
            },
            {
              "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/f6e9d0d9955e85bdd7540b251cd50d598dacc5e6",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/f6e9d0d9955e85bdd7540b251cd50d598dacc5e6"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/e45e48b881038487d0bc94d92a16c1537616cc0a",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/e45e48b881038487d0bc94d92a16c1537616cc0a"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10066",
    "datePublished": "2017-03-03T17:00:00",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-08-06T03:07:32.122Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-18022
Vulnerability from cvelistv5
Published
2018-01-05 19:00
Modified
2024-08-05 21:06
Severity ?
Summary
In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c.
References
http://www.securityfocus.com/bid/102437vdb-entry, x_refsource_BID
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/904x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:50.138Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "102437",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102437"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/904"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-01-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "102437",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102437"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/904"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-18022",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "102437",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102437"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/904",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/904"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-18022",
    "datePublished": "2018-01-05T19:00:00",
    "dateReserved": "2018-01-05T00:00:00",
    "dateUpdated": "2024-08-05T21:06:50.138Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7518
Vulnerability from cvelistv5
Published
2017-04-20 18:00
Modified
2024-08-06 01:57
Severity ?
Summary
The ReadSUNImage function in coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SUN file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:57:47.678Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/81"
          },
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "name": "93130",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93130"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533447"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378745"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadSUNImage function in coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SUN file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-20T17:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/81"
        },
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "name": "93130",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93130"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533447"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378745"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-7518",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadSUNImage function in coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SUN file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/81",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/81"
            },
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "93130",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93130"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533447",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533447"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378745",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378745"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-7518",
    "datePublished": "2017-04-20T18:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T01:57:47.678Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-1185
Vulnerability from cvelistv5
Published
2012-06-05 22:00
Modified
2024-08-06 18:53
Severity ?
Summary
Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T18:53:36.063Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "80556",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/80556"
          },
          {
            "name": "openSUSE-SU-2012:0692",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1185"
          },
          {
            "name": "49043",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49043"
          },
          {
            "name": "DSA-2462",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2462"
          },
          {
            "name": "51957",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/51957"
          },
          {
            "name": "[oss-security] 20120319 CVE-2012-1185 / CVE-2012-1186 assignment notification - incomplete  ImageMagick fixes for CVE-2012-0247 / CVE-2012-0248",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2012/03/19/5"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://trac.imagemagick.org/changeset/6998/ImageMagick/branches/ImageMagick-6.7.5/magick/profile.c"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://trac.imagemagick.org/changeset/6998/ImageMagick/branches/ImageMagick-6.7.5/magick/property.c"
          },
          {
            "name": "47926",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/47926"
          },
          {
            "name": "USN-1435-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-1435-1"
          },
          {
            "name": "imagemagick-profile-code-execution(76140)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76140"
          },
          {
            "name": "48974",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48974"
          },
          {
            "name": "49317",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49317"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-02-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "80556",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/80556"
        },
        {
          "name": "openSUSE-SU-2012:0692",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1185"
        },
        {
          "name": "49043",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49043"
        },
        {
          "name": "DSA-2462",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2462"
        },
        {
          "name": "51957",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/51957"
        },
        {
          "name": "[oss-security] 20120319 CVE-2012-1185 / CVE-2012-1186 assignment notification - incomplete  ImageMagick fixes for CVE-2012-0247 / CVE-2012-0248",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2012/03/19/5"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://trac.imagemagick.org/changeset/6998/ImageMagick/branches/ImageMagick-6.7.5/magick/profile.c"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://trac.imagemagick.org/changeset/6998/ImageMagick/branches/ImageMagick-6.7.5/magick/property.c"
        },
        {
          "name": "47926",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/47926"
        },
        {
          "name": "USN-1435-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-1435-1"
        },
        {
          "name": "imagemagick-profile-code-execution(76140)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76140"
        },
        {
          "name": "48974",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48974"
        },
        {
          "name": "49317",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49317"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2012-1185",
    "datePublished": "2012-06-05T22:00:00",
    "dateReserved": "2012-02-14T00:00:00",
    "dateUpdated": "2024-08-06T18:53:36.063Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11360
Vulnerability from cvelistv5
Published
2017-07-17 06:00
Modified
2024-08-05 18:05
Severity ?
Summary
The ReadRLEImage function in coders\rle.c in ImageMagick 7.0.6-1 has a large loop vulnerability via a crafted rle file that triggers a huge number_pixels value.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:05:30.602Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/518"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadRLEImage function in coders\\rle.c in ImageMagick 7.0.6-1 has a large loop vulnerability via a crafted rle file that triggers a huge number_pixels value."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-17T05:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/518"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11360",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadRLEImage function in coders\\rle.c in ImageMagick 7.0.6-1 has a large loop vulnerability via a crafted rle file that triggers a huge number_pixels value."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/518",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/518"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11360",
    "datePublished": "2017-07-17T06:00:00",
    "dateReserved": "2017-07-16T00:00:00",
    "dateUpdated": "2024-08-05T18:05:30.602Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10051
Vulnerability from cvelistv5
Published
2017-03-23 17:00
Modified
2024-08-06 03:07
Severity ?
Summary
Use-after-free vulnerability in the ReadPWPImage function in coders/pwp.c in ImageMagick 6.9.5-5 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:07:32.087Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/ecc03a2518c2b7dd375fde3a040fdae0bdf6a521"
          },
          {
            "name": "95187",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95187"
          },
          {
            "name": "openSUSE-SU-2017:0391",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=30245"
          },
          {
            "name": "openSUSE-SU-2017:0399",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410456"
          },
          {
            "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/548701354191a3dda5cffc6d415374b35b01d0b9"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Use-after-free vulnerability in the ReadPWPImage function in coders/pwp.c in ImageMagick 6.9.5-5 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-13T21:29:37",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/ecc03a2518c2b7dd375fde3a040fdae0bdf6a521"
        },
        {
          "name": "95187",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95187"
        },
        {
          "name": "openSUSE-SU-2017:0391",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=30245"
        },
        {
          "name": "openSUSE-SU-2017:0399",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410456"
        },
        {
          "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/548701354191a3dda5cffc6d415374b35b01d0b9"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10051",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Use-after-free vulnerability in the ReadPWPImage function in coders/pwp.c in ImageMagick 6.9.5-5 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/ecc03a2518c2b7dd375fde3a040fdae0bdf6a521",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/ecc03a2518c2b7dd375fde3a040fdae0bdf6a521"
            },
            {
              "name": "95187",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95187"
            },
            {
              "name": "openSUSE-SU-2017:0391",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
            },
            {
              "name": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=30245",
              "refsource": "CONFIRM",
              "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=30245"
            },
            {
              "name": "openSUSE-SU-2017:0399",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410456",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410456"
            },
            {
              "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/548701354191a3dda5cffc6d415374b35b01d0b9",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/548701354191a3dda5cffc6d415374b35b01d0b9"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10051",
    "datePublished": "2017-03-23T17:00:00",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-08-06T03:07:32.087Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9836
Vulnerability from cvelistv5
Published
2017-03-22 14:00
Modified
2024-08-06 13:55
Severity ?
Summary
ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service via a crafted xpm file.
References
http://www.openwall.com/lists/oss-security/2016/06/02/13mailing-list, x_refsource_MLIST
http://www.openwall.com/lists/oss-security/2014/12/24/1mailing-list, x_refsource_MLIST
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.532Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service via a crafted xpm file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-22T11:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9836",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service via a crafted xpm file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9836",
    "datePublished": "2017-03-22T14:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.532Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9815
Vulnerability from cvelistv5
Published
2017-03-30 15:00
Modified
2024-08-06 13:55
Severity ?
Summary
ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted wpg file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.581Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343471"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=1eb3064a9e4a81d0b8cd414e3dcd7fe9b158f241"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted wpg file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-30T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343471"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=1eb3064a9e4a81d0b8cd414e3dcd7fe9b158f241"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9815",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted wpg file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343471",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343471"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=1eb3064a9e4a81d0b8cd414e3dcd7fe9b158f241",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=1eb3064a9e4a81d0b8cd414e3dcd7fe9b158f241"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9815",
    "datePublished": "2017-03-30T15:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.581Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-13391
Vulnerability from cvelistv5
Published
2019-07-07 21:16
Modified
2024-08-04 23:49
Severity ?
Summary
In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:49:24.970Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1588"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/7c2c5ba5b8e3a0b2b82f56c71dfab74ed4006df7"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/f6ffc702c6eecd963587273a429dcd608c648984"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:08",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1588"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/7c2c5ba5b8e3a0b2b82f56c71dfab74ed4006df7"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/f6ffc702c6eecd963587273a429dcd608c648984"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13391",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1588",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1588"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/7c2c5ba5b8e3a0b2b82f56c71dfab74ed4006df7",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/7c2c5ba5b8e3a0b2b82f56c71dfab74ed4006df7"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick6/commit/f6ffc702c6eecd963587273a429dcd608c648984",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick6/commit/f6ffc702c6eecd963587273a429dcd608c648984"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13391",
    "datePublished": "2019-07-07T21:16:44",
    "dateReserved": "2019-07-07T00:00:00",
    "dateUpdated": "2024-08-04T23:49:24.970Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27752
Vulnerability from cvelistv5
Published
2020-12-08 21:57
Modified
2024-08-04 16:18
Severity ?
Summary
A flaw was found in ImageMagick in MagickCore/quantum-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger a heap buffer overflow. This would most likely lead to an impact to application availability, but could potentially lead to an impact to data integrity as well. This flaw affects ImageMagick versions prior to 7.0.9-0.
References
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.675Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894226"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "prior to 7.0.9-0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in ImageMagick in MagickCore/quantum-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger a heap buffer overflow. This would most likely lead to an impact to application availability, but could potentially lead to an impact to data integrity as well. This flaw affects ImageMagick versions prior to 7.0.9-0."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122-\u003eCWE-787",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-12-08T21:57:16",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894226"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2020-27752",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ImageMagick",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "prior to 7.0.9-0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A flaw was found in ImageMagick in MagickCore/quantum-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger a heap buffer overflow. This would most likely lead to an impact to application availability, but could potentially lead to an impact to data integrity as well. This flaw affects ImageMagick versions prior to 7.0.9-0."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-122-\u003eCWE-787"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1894226",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894226"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27752",
    "datePublished": "2020-12-08T21:57:16",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.675Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9827
Vulnerability from cvelistv5
Published
2017-08-07 20:00
Modified
2024-08-06 13:55
Severity ?
Summary
coders/xpm.c in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.608Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343483"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=69490f5cffbda612e15a2985699455bb0b45e276"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/xpm.c in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343483"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=69490f5cffbda612e15a2985699455bb0b45e276"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9827",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/xpm.c in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343483",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343483"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=69490f5cffbda612e15a2985699455bb0b45e276",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=69490f5cffbda612e15a2985699455bb0b45e276"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9827",
    "datePublished": "2017-08-07T20:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.608Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-0005
Vulnerability from cvelistv5
Published
2005-01-19 05:00
Modified
2024-08-07 20:57
Severity ?
Summary
Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:57:40.834Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:9925",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9925"
          },
          {
            "name": "DSA-646",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-646"
          },
          {
            "name": "GLSA-200501-37",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-37.xml"
          },
          {
            "name": "20050118 [USN-62-1] imagemagick vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=110608222117215\u0026w=2"
          },
          {
            "name": "20050117 Multiple Vendor ImageMagick .psd Image File Decode Heap Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://www.idefense.com/application/poi/display?id=184\u0026type=vulnerabilities"
          },
          {
            "name": "RHSA-2005:071",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-071.html"
          },
          {
            "name": "RHSA-2005:070",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-070.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:9925",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9925"
        },
        {
          "name": "DSA-646",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-646"
        },
        {
          "name": "GLSA-200501-37",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-37.xml"
        },
        {
          "name": "20050118 [USN-62-1] imagemagick vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=110608222117215\u0026w=2"
        },
        {
          "name": "20050117 Multiple Vendor ImageMagick .psd Image File Decode Heap Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://www.idefense.com/application/poi/display?id=184\u0026type=vulnerabilities"
        },
        {
          "name": "RHSA-2005:071",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-071.html"
        },
        {
          "name": "RHSA-2005:070",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-070.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0005",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:9925",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9925"
            },
            {
              "name": "DSA-646",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-646"
            },
            {
              "name": "GLSA-200501-37",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-37.xml"
            },
            {
              "name": "20050118 [USN-62-1] imagemagick vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=110608222117215\u0026w=2"
            },
            {
              "name": "20050117 Multiple Vendor ImageMagick .psd Image File Decode Heap Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://www.idefense.com/application/poi/display?id=184\u0026type=vulnerabilities"
            },
            {
              "name": "RHSA-2005:071",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-071.html"
            },
            {
              "name": "RHSA-2005:070",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-070.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0005",
    "datePublished": "2005-01-19T05:00:00",
    "dateReserved": "2005-01-03T00:00:00",
    "dateUpdated": "2024-08-07T20:57:40.834Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11525
Vulnerability from cvelistv5
Published
2017-07-23 03:00
Modified
2024-08-05 18:12
Severity ?
Summary
The ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:40.293Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "99931",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99931"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/519"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867810"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-25T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "99931",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99931"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/519"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867810"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11525",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "99931",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99931"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/519",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/519"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867810",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867810"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11525",
    "datePublished": "2017-07-23T03:00:00",
    "dateReserved": "2017-07-22T00:00:00",
    "dateUpdated": "2024-08-05T18:12:40.293Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11751
Vulnerability from cvelistv5
Published
2017-07-30 17:00
Modified
2024-08-05 18:19
Severity ?
Summary
The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:19:38.921Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/631"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-30T17:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/631"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11751",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/631",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/631"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11751",
    "datePublished": "2017-07-30T17:00:00",
    "dateReserved": "2017-07-30T00:00:00",
    "dateUpdated": "2024-08-05T18:19:38.921Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-8830
Vulnerability from cvelistv5
Published
2017-05-08 06:10
Modified
2024-08-05 16:48
Severity ?
Summary
In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows attackers to cause a denial of service (memory leak) via a crafted file.
References
http://www.securityfocus.com/bid/98687vdb-entry, x_refsource_BID
https://github.com/ImageMagick/ImageMagick/issues/467x_refsource_CONFIRM
http://www.debian.org/security/2017/dsa-3863vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:48:22.595Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "98687",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98687"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/467"
          },
          {
            "name": "DSA-3863",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3863"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-05-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows attackers to cause a denial of service (memory leak) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "98687",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98687"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/467"
        },
        {
          "name": "DSA-3863",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3863"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-8830",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows attackers to cause a denial of service (memory leak) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "98687",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98687"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/467",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/467"
            },
            {
              "name": "DSA-3863",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3863"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-8830",
    "datePublished": "2017-05-08T06:10:00",
    "dateReserved": "2017-05-07T00:00:00",
    "dateUpdated": "2024-08-05T16:48:22.595Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-7443
Vulnerability from cvelistv5
Published
2018-02-23 22:00
Modified
2024-08-05 06:24
Severity ?
Summary
The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly validate the amount of image data in a file, which allows remote attackers to cause a denial of service (memory allocation failure in the AcquireMagickMemory function in MagickCore/memory.c).
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:24:11.871Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[debian-lts-announce] 20180225 [SECURITY] [DLA 1293-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00028.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/999"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-02-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly validate the amount of image data in a file, which allows remote attackers to cause a denial of service (memory allocation failure in the AcquireMagickMemory function in MagickCore/memory.c)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-19T01:06:15",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[debian-lts-announce] 20180225 [SECURITY] [DLA 1293-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00028.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/999"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-7443",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly validate the amount of image data in a file, which allows remote attackers to cause a denial of service (memory allocation failure in the AcquireMagickMemory function in MagickCore/memory.c)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[debian-lts-announce] 20180225 [SECURITY] [DLA 1293-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00028.html"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/999",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/999"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-7443",
    "datePublished": "2018-02-23T22:00:00",
    "dateReserved": "2018-02-23T00:00:00",
    "dateUpdated": "2024-08-05T06:24:11.871Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-25664
Vulnerability from cvelistv5
Published
2020-12-08 20:57
Modified
2024-08-04 15:40
Severity ?
Summary
In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory() and memset() allows for an out-of-bounds write later when PopShortPixel() from MagickCore/quantum-private.h is called. The patch fixes the calls by adding 256 to rowbytes. An attacker who is able to supply a specially crafted image could affect availability with a low impact to data integrity. This flaw affects ImageMagick versions prior to 6.9.10-68 and 7.0.8-68.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:40:36.922Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891605"
          },
          {
            "name": "FEDORA-2021-b58af96f33",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z3J6D7POCQYQKNVRDYLTTPM5SQC3WVTR/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "prior to 7.0.8-68"
            },
            {
              "status": "affected",
              "version": "prior to 6.9.10-68"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory() and memset() allows for an out-of-bounds write later when PopShortPixel() from MagickCore/quantum-private.h is called. The patch fixes the calls by adding 256 to rowbytes. An attacker who is able to supply a specially crafted image could affect availability with a low impact to data integrity. This flaw affects ImageMagick versions prior to 6.9.10-68 and 7.0.8-68."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122-\u003eCWE-787",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-12-05T03:06:05",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891605"
        },
        {
          "name": "FEDORA-2021-b58af96f33",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z3J6D7POCQYQKNVRDYLTTPM5SQC3WVTR/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2020-25664",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ImageMagick",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "prior to 7.0.8-68"
                          },
                          {
                            "version_value": "prior to 6.9.10-68"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory() and memset() allows for an out-of-bounds write later when PopShortPixel() from MagickCore/quantum-private.h is called. The patch fixes the calls by adding 256 to rowbytes. An attacker who is able to supply a specially crafted image could affect availability with a low impact to data integrity. This flaw affects ImageMagick versions prior to 6.9.10-68 and 7.0.8-68."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-122-\u003eCWE-787"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1891605",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891605"
            },
            {
              "name": "FEDORA-2021-b58af96f33",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z3J6D7POCQYQKNVRDYLTTPM5SQC3WVTR/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-25664",
    "datePublished": "2020-12-08T20:57:44",
    "dateReserved": "2020-09-16T00:00:00",
    "dateUpdated": "2024-08-04T15:40:36.922Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9840
Vulnerability from cvelistv5
Published
2017-03-22 14:00
Modified
2024-08-06 13:55
Severity ?
Summary
ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted palm file.
References
http://www.openwall.com/lists/oss-security/2016/06/02/13mailing-list, x_refsource_MLIST
http://www.openwall.com/lists/oss-security/2014/12/24/1mailing-list, x_refsource_MLIST
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.755Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted palm file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-22T11:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9840",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted palm file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9840",
    "datePublished": "2017-03-22T14:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.755Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-4601
Vulnerability from cvelistv5
Published
2006-01-01 23:00
Modified
2024-08-07 23:53
Severity ?
Summary
The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename that is processed by the display command.
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/23927vdb-entry, x_refsource_XF
http://secunia.com/advisories/19408third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/452718/100/100/threadedmailing-list, x_refsource_BUGTRAQ
http://www.novell.com/linux/security/advisories/2006_06_sr.htmlvendor-advisory, x_refsource_SUSE
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.341682vendor-advisory, x_refsource_SLACKWARE
http://www.vupen.com/english/advisories/2008/0412vdb-entry, x_refsource_VUPEN
http://www.debian.org/security/2006/dsa-957vendor-advisory, x_refsource_DEBIAN
http://www.mandriva.com/security/advisories?name=MDKSA-2006:024vendor-advisory, x_refsource_MANDRIVA
http://www.osvdb.org/22121vdb-entry, x_refsource_OSVDB
http://secunia.com/advisories/23090third-party-advisory, x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-389x_refsource_CONFIRM
http://secunia.com/advisories/18607third-party-advisory, x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1vendor-advisory, x_refsource_SUNALERT
http://www.securityfocus.com/bid/16093vdb-entry, x_refsource_BID
http://www.ubuntu.com/usn/usn-246-1vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/18871third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/28800third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10353vdb-entry, signature, x_refsource_OVAL
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345238x_refsource_MISC
http://secunia.com/advisories/18261third-party-advisory, x_refsource_SECUNIA
ftp://patches.sgi.com/support/free/security/advisories/20060301-01.U.ascvendor-advisory, x_refsource_SGI
http://rhn.redhat.com/errata/RHSA-2006-0178.htmlvendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/19183third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18631third-party-advisory, x_refsource_SECUNIA
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:53:27.847Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "imagemagick-filename-command-injection(23927)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23927"
          },
          {
            "name": "19408",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19408"
          },
          {
            "name": "20061127 rPSA-2006-0218-1 ImageMagick",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/452718/100/100/threaded"
          },
          {
            "name": "SUSE-SR:2006:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2006_06_sr.html"
          },
          {
            "name": "SSA:2006-045-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.341682"
          },
          {
            "name": "ADV-2008-0412",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0412"
          },
          {
            "name": "DSA-957",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-957"
          },
          {
            "name": "MDKSA-2006:024",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:024"
          },
          {
            "name": "22121",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/22121"
          },
          {
            "name": "23090",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23090"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-389"
          },
          {
            "name": "18607",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18607"
          },
          {
            "name": "231321",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
          },
          {
            "name": "16093",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16093"
          },
          {
            "name": "USN-246-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-246-1"
          },
          {
            "name": "18871",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18871"
          },
          {
            "name": "28800",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28800"
          },
          {
            "name": "oval:org.mitre.oval:def:10353",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10353"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345238"
          },
          {
            "name": "18261",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18261"
          },
          {
            "name": "20060301-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060301-01.U.asc"
          },
          {
            "name": "RHSA-2006:0178",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2006-0178.html"
          },
          {
            "name": "19183",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19183"
          },
          {
            "name": "18631",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18631"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-12-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename that is processed by the display command."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "imagemagick-filename-command-injection(23927)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23927"
        },
        {
          "name": "19408",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19408"
        },
        {
          "name": "20061127 rPSA-2006-0218-1 ImageMagick",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/452718/100/100/threaded"
        },
        {
          "name": "SUSE-SR:2006:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2006_06_sr.html"
        },
        {
          "name": "SSA:2006-045-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.341682"
        },
        {
          "name": "ADV-2008-0412",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0412"
        },
        {
          "name": "DSA-957",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-957"
        },
        {
          "name": "MDKSA-2006:024",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:024"
        },
        {
          "name": "22121",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/22121"
        },
        {
          "name": "23090",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23090"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-389"
        },
        {
          "name": "18607",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18607"
        },
        {
          "name": "231321",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
        },
        {
          "name": "16093",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16093"
        },
        {
          "name": "USN-246-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-246-1"
        },
        {
          "name": "18871",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18871"
        },
        {
          "name": "28800",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28800"
        },
        {
          "name": "oval:org.mitre.oval:def:10353",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10353"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345238"
        },
        {
          "name": "18261",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18261"
        },
        {
          "name": "20060301-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060301-01.U.asc"
        },
        {
          "name": "RHSA-2006:0178",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2006-0178.html"
        },
        {
          "name": "19183",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19183"
        },
        {
          "name": "18631",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18631"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-4601",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename that is processed by the display command."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "imagemagick-filename-command-injection(23927)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23927"
            },
            {
              "name": "19408",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19408"
            },
            {
              "name": "20061127 rPSA-2006-0218-1 ImageMagick",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/452718/100/100/threaded"
            },
            {
              "name": "SUSE-SR:2006:006",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2006_06_sr.html"
            },
            {
              "name": "SSA:2006-045-03",
              "refsource": "SLACKWARE",
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.341682"
            },
            {
              "name": "ADV-2008-0412",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0412"
            },
            {
              "name": "DSA-957",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-957"
            },
            {
              "name": "MDKSA-2006:024",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:024"
            },
            {
              "name": "22121",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/22121"
            },
            {
              "name": "23090",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23090"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-389",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-389"
            },
            {
              "name": "18607",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18607"
            },
            {
              "name": "231321",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
            },
            {
              "name": "16093",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16093"
            },
            {
              "name": "USN-246-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-246-1"
            },
            {
              "name": "18871",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18871"
            },
            {
              "name": "28800",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28800"
            },
            {
              "name": "oval:org.mitre.oval:def:10353",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10353"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345238",
              "refsource": "MISC",
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345238"
            },
            {
              "name": "18261",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18261"
            },
            {
              "name": "20060301-01-U",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20060301-01.U.asc"
            },
            {
              "name": "RHSA-2006:0178",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2006-0178.html"
            },
            {
              "name": "19183",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19183"
            },
            {
              "name": "18631",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18631"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-4601",
    "datePublished": "2006-01-01T23:00:00",
    "dateReserved": "2006-01-01T00:00:00",
    "dateUpdated": "2024-08-07T23:53:27.847Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7513
Vulnerability from cvelistv5
Published
2017-04-20 18:00
Modified
2024-08-06 01:57
Severity ?
Summary
Off-by-one error in magick/cache.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:57:47.691Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "93121",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93121"
          },
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/a54fe0e8600eaf3dc6fe717d3c0398001507f723"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832455"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378733"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Off-by-one error in magick/cache.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-20T17:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "93121",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93121"
        },
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/a54fe0e8600eaf3dc6fe717d3c0398001507f723"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832455"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378733"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-7513",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Off-by-one error in magick/cache.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "93121",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93121"
            },
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/a54fe0e8600eaf3dc6fe717d3c0398001507f723",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/a54fe0e8600eaf3dc6fe717d3c0398001507f723"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832455",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832455"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378733",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378733"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-7513",
    "datePublished": "2017-04-20T18:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T01:57:47.691Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7799
Vulnerability from cvelistv5
Published
2017-01-18 17:00
Modified
2024-08-06 02:04
Severity ?
Summary
MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:04:56.001Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201611-21",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201611-21"
          },
          {
            "name": "93264",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93264"
          },
          {
            "name": "[oss-security] 20161001 imagemagick mogrify global buffer overflow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/10/01/4"
          },
          {
            "name": "[oss-security] 20161001 Re: imagemagick mogrify global buffer overflow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/10/01/6"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/280"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/a7bb158b7bedd1449a34432feb3a67c8f1873bfa"
          },
          {
            "name": "DSA-3726",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3726"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-09-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "GLSA-201611-21",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201611-21"
        },
        {
          "name": "93264",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93264"
        },
        {
          "name": "[oss-security] 20161001 imagemagick mogrify global buffer overflow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/10/01/4"
        },
        {
          "name": "[oss-security] 20161001 Re: imagemagick mogrify global buffer overflow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/10/01/6"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/280"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/a7bb158b7bedd1449a34432feb3a67c8f1873bfa"
        },
        {
          "name": "DSA-3726",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3726"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-7799",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-201611-21",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201611-21"
            },
            {
              "name": "93264",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93264"
            },
            {
              "name": "[oss-security] 20161001 imagemagick mogrify global buffer overflow",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/10/01/4"
            },
            {
              "name": "[oss-security] 20161001 Re: imagemagick mogrify global buffer overflow",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/10/01/6"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/280",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/280"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/a7bb158b7bedd1449a34432feb3a67c8f1873bfa",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/a7bb158b7bedd1449a34432feb3a67c8f1873bfa"
            },
            {
              "name": "DSA-3726",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3726"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-7799",
    "datePublished": "2017-01-18T17:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T02:04:56.001Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12434
Vulnerability from cvelistv5
Published
2017-08-04 10:00
Modified
2024-08-05 18:36
Severity ?
Summary
In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service (assertion failure) in DestroyImageInfo in image.c.
References
https://github.com/ImageMagick/ImageMagick/issues/547x_refsource_CONFIRM
https://www.debian.org/security/2017/dsa-4019vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:36:56.185Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/547"
          },
          {
            "name": "DSA-4019",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4019"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service (assertion failure) in DestroyImageInfo in image.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-06T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/547"
        },
        {
          "name": "DSA-4019",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4019"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12434",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service (assertion failure) in DestroyImageInfo in image.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/547",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/547"
            },
            {
              "name": "DSA-4019",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4019"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12434",
    "datePublished": "2017-08-04T10:00:00",
    "dateReserved": "2017-08-04T00:00:00",
    "dateUpdated": "2024-08-05T18:36:56.185Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-15015
Vulnerability from cvelistv5
Published
2017-10-04 07:00
Modified
2024-08-05 19:42
Severity ?
Summary
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDelegateMessage in coders/pdf.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:42:22.343Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/724"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-10-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDelegateMessage in coders/pdf.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:37",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/724"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-15015",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDelegateMessage in coders/pdf.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/724",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/724"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-15015",
    "datePublished": "2017-10-04T07:00:00",
    "dateReserved": "2017-10-03T00:00:00",
    "dateUpdated": "2024-08-05T19:42:22.343Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10071
Vulnerability from cvelistv5
Published
2017-03-02 21:00
Modified
2024-08-06 03:07
Severity ?
Summary
coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:07:32.141Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410513"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/f3b483e8b054c50149912523b4773687e18afe25"
          },
          {
            "name": "95222",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95222"
          },
          {
            "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/1bc1fd0ff8c555841c78829217ac81fa0598255d"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-13T12:34:36",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410513"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/f3b483e8b054c50149912523b4773687e18afe25"
        },
        {
          "name": "95222",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95222"
        },
        {
          "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/1bc1fd0ff8c555841c78829217ac81fa0598255d"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10071",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410513",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410513"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/f3b483e8b054c50149912523b4773687e18afe25",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/f3b483e8b054c50149912523b4773687e18afe25"
            },
            {
              "name": "95222",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95222"
            },
            {
              "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/1bc1fd0ff8c555841c78829217ac81fa0598255d",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/1bc1fd0ff8c555841c78829217ac81fa0598255d"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10071",
    "datePublished": "2017-03-02T21:00:00",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-08-06T03:07:32.141Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-5010
Vulnerability from cvelistv5
Published
2017-04-20 18:00
Modified
2024-08-06 00:46
Severity ?
Summary
coders/tiff.c in ImageMagick before 6.9.5-3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:46:40.239Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.imagemagick.org/repos/ImageMagick/commit/c20de102cc57f3739a8870f79e728e3b0bea18c0"
          },
          {
            "name": "GLSA-201611-21",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201611-21"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1354500"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-07-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/tiff.c in ImageMagick before 6.9.5-3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-06-30T16:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.imagemagick.org/repos/ImageMagick/commit/c20de102cc57f3739a8870f79e728e3b0bea18c0"
        },
        {
          "name": "GLSA-201611-21",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201611-21"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1354500"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2016-5010",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/tiff.c in ImageMagick before 6.9.5-3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://git.imagemagick.org/repos/ImageMagick/commit/c20de102cc57f3739a8870f79e728e3b0bea18c0",
              "refsource": "CONFIRM",
              "url": "http://git.imagemagick.org/repos/ImageMagick/commit/c20de102cc57f3739a8870f79e728e3b0bea18c0"
            },
            {
              "name": "GLSA-201611-21",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201611-21"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1354500",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1354500"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2016-5010",
    "datePublished": "2017-04-20T18:00:00",
    "dateReserved": "2016-05-24T00:00:00",
    "dateUpdated": "2024-08-06T00:46:40.239Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-9098
Vulnerability from cvelistv5
Published
2017-05-19 19:00
Modified
2024-08-05 16:55
Severity ?
Summary
ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image data on behalf of multiple users. This is caused by a missing initialization step in the ReadRLEImage function in coders/rle.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:55:22.260Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://hg.code.sf.net/p/graphicsmagick/code/diff/0a5b75e019b6/coders/rle.c"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/1c358ffe0049f768dd49a8a889c1cbf99ac9849b"
          },
          {
            "name": "98593",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98593"
          },
          {
            "name": "[debian-lts-announce] 20180803 [SECURITY] [DLA 1456-1] graphicsmagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://scarybeastsecurity.blogspot.com/2017/05/bleed-continues-18-byte-file-14k-bounty.html"
          },
          {
            "name": "DSA-3863",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3863"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-05-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image data on behalf of multiple users. This is caused by a missing initialization step in the ReadRLEImage function in coders/rle.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-08-03T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://hg.code.sf.net/p/graphicsmagick/code/diff/0a5b75e019b6/coders/rle.c"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/1c358ffe0049f768dd49a8a889c1cbf99ac9849b"
        },
        {
          "name": "98593",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98593"
        },
        {
          "name": "[debian-lts-announce] 20180803 [SECURITY] [DLA 1456-1] graphicsmagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://scarybeastsecurity.blogspot.com/2017/05/bleed-continues-18-byte-file-14k-bounty.html"
        },
        {
          "name": "DSA-3863",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3863"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-9098",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image data on behalf of multiple users. This is caused by a missing initialization step in the ReadRLEImage function in coders/rle.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://hg.code.sf.net/p/graphicsmagick/code/diff/0a5b75e019b6/coders/rle.c",
              "refsource": "MISC",
              "url": "http://hg.code.sf.net/p/graphicsmagick/code/diff/0a5b75e019b6/coders/rle.c"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/1c358ffe0049f768dd49a8a889c1cbf99ac9849b",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/1c358ffe0049f768dd49a8a889c1cbf99ac9849b"
            },
            {
              "name": "98593",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98593"
            },
            {
              "name": "[debian-lts-announce] 20180803 [SECURITY] [DLA 1456-1] graphicsmagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html"
            },
            {
              "name": "https://scarybeastsecurity.blogspot.com/2017/05/bleed-continues-18-byte-file-14k-bounty.html",
              "refsource": "MISC",
              "url": "https://scarybeastsecurity.blogspot.com/2017/05/bleed-continues-18-byte-file-14k-bounty.html"
            },
            {
              "name": "DSA-3863",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3863"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-9098",
    "datePublished": "2017-05-19T19:00:00",
    "dateReserved": "2017-05-19T00:00:00",
    "dateUpdated": "2024-08-05T16:55:22.260Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-9956
Vulnerability from cvelistv5
Published
2019-03-23 23:14
Modified
2024-08-04 22:10
Severity ?
Summary
In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an attacker to cause a denial of service or code execution via a crafted image file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:10:08.307Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1523"
          },
          {
            "name": "107546",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/107546"
          },
          {
            "name": "107672",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/107672"
          },
          {
            "name": "DSA-4436",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2019/dsa-4436"
          },
          {
            "name": "20190429 [SECURITY] [DSA 4436-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Apr/37"
          },
          {
            "name": "openSUSE-SU-2019:1320",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
          },
          {
            "name": "openSUSE-SU-2019:1331",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00010.html"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an attacker to cause a denial of service or code execution via a crafted image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-06-25T14:06:14",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1523"
        },
        {
          "name": "107546",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/107546"
        },
        {
          "name": "107672",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/107672"
        },
        {
          "name": "DSA-4436",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2019/dsa-4436"
        },
        {
          "name": "20190429 [SECURITY] [DSA 4436-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Apr/37"
        },
        {
          "name": "openSUSE-SU-2019:1320",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
        },
        {
          "name": "openSUSE-SU-2019:1331",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00010.html"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-9956",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an attacker to cause a denial of service or code execution via a crafted image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1523",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1523"
            },
            {
              "name": "107546",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/107546"
            },
            {
              "name": "107672",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/107672"
            },
            {
              "name": "DSA-4436",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2019/dsa-4436"
            },
            {
              "name": "20190429 [SECURITY] [DSA 4436-1] imagemagick security update",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Apr/37"
            },
            {
              "name": "openSUSE-SU-2019:1320",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
            },
            {
              "name": "openSUSE-SU-2019:1331",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00010.html"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-9956",
    "datePublished": "2019-03-23T23:14:54",
    "dateReserved": "2019-03-23T00:00:00",
    "dateUpdated": "2024-08-04T22:10:08.307Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-3437
Vulnerability from cvelistv5
Published
2012-08-07 21:00
Modified
2024-08-06 20:05
Severity ?
Summary
The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8 and earlier does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation.
References
http://www.securityfocus.com/bid/54714vdb-entry, x_refsource_BID
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0243x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/77260vdb-entry, x_refsource_XF
https://bugzilla.redhat.com/show_bug.cgi?id=844101x_refsource_MISC
http://www.mandriva.com/security/advisories?name=MDVSA-2013:092vendor-advisory, x_refsource_MANDRIVA
http://www.securitytracker.com/id?1027321vdb-entry, x_refsource_SECTRACK
http://www.mandriva.com/security/advisories?name=MDVSA-2012:160vendor-advisory, x_refsource_MANDRIVA
http://lists.opensuse.org/opensuse-updates/2013-03/msg00101.htmlvendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/50398third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/50091third-party-advisory, x_refsource_SECUNIA
http://www.ubuntu.com/usn/USN-1544-1vendor-advisory, x_refsource_UBUNTU
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T20:05:12.550Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "54714",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/54714"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0243"
          },
          {
            "name": "imagemagick-png-dos(77260)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77260"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=844101"
          },
          {
            "name": "MDVSA-2013:092",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:092"
          },
          {
            "name": "1027321",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1027321"
          },
          {
            "name": "MDVSA-2012:160",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:160"
          },
          {
            "name": "openSUSE-SU-2013:0535",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00101.html"
          },
          {
            "name": "50398",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/50398"
          },
          {
            "name": "50091",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/50091"
          },
          {
            "name": "USN-1544-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1544-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-07-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8 and earlier does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "54714",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/54714"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0243"
        },
        {
          "name": "imagemagick-png-dos(77260)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77260"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=844101"
        },
        {
          "name": "MDVSA-2013:092",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:092"
        },
        {
          "name": "1027321",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1027321"
        },
        {
          "name": "MDVSA-2012:160",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:160"
        },
        {
          "name": "openSUSE-SU-2013:0535",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00101.html"
        },
        {
          "name": "50398",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/50398"
        },
        {
          "name": "50091",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/50091"
        },
        {
          "name": "USN-1544-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1544-1"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2012-3437",
    "datePublished": "2012-08-07T21:00:00",
    "dateReserved": "2012-06-14T00:00:00",
    "dateUpdated": "2024-08-06T20:05:12.550Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12642
Vulnerability from cvelistv5
Published
2017-08-07 15:00
Modified
2024-08-05 18:43
Severity ?
Summary
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMPCImage in coders\mpc.c.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:56.354Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/552"
          },
          {
            "name": "100159",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100159"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMPCImage in coders\\mpc.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-08T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/552"
        },
        {
          "name": "100159",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100159"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12642",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMPCImage in coders\\mpc.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/552",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/552"
            },
            {
              "name": "100159",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100159"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12642",
    "datePublished": "2017-08-07T15:00:00",
    "dateReserved": "2017-08-07T00:00:00",
    "dateUpdated": "2024-08-05T18:43:56.354Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-11597
Vulnerability from cvelistv5
Published
2019-04-29 15:05
Modified
2024-08-04 22:55
Severity ?
Summary
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:55:41.024Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1555"
          },
          {
            "name": "108102",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108102"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          },
          {
            "name": "openSUSE-SU-2019:1683",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html"
          },
          {
            "name": "openSUSE-SU-2019:1795",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00043.html"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          },
          {
            "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-19T01:06:14",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1555"
        },
        {
          "name": "108102",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108102"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        },
        {
          "name": "openSUSE-SU-2019:1683",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html"
        },
        {
          "name": "openSUSE-SU-2019:1795",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00043.html"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        },
        {
          "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-11597",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1555",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1555"
            },
            {
              "name": "108102",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108102"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            },
            {
              "name": "openSUSE-SU-2019:1683",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html"
            },
            {
              "name": "openSUSE-SU-2019:1795",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00043.html"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            },
            {
              "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-11597",
    "datePublished": "2019-04-29T15:05:54",
    "dateReserved": "2019-04-29T00:00:00",
    "dateUpdated": "2024-08-04T22:55:41.024Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-10995
Vulnerability from cvelistv5
Published
2017-07-07 16:00
Modified
2024-08-05 17:57
Severity ?
Summary
The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted MNG image.
References
https://github.com/ImageMagick/ImageMagick/issues/538x_refsource_CONFIRM
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
http://www.securityfocus.com/bid/99496vdb-entry, x_refsource_BID
https://www.debian.org/security/2018/dsa-4204vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:57:57.639Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/538"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "99496",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99496"
          },
          {
            "name": "DSA-4204",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4204"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted MNG image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/538"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "99496",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99496"
        },
        {
          "name": "DSA-4204",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4204"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-10995",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted MNG image."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/538",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/538"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "99496",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99496"
            },
            {
              "name": "DSA-4204",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4204"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-10995",
    "datePublished": "2017-07-07T16:00:00",
    "dateReserved": "2017-07-07T00:00:00",
    "dateUpdated": "2024-08-05T17:57:57.639Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-6499
Vulnerability from cvelistv5
Published
2017-03-06 02:00
Modified
2024-08-05 15:33
Severity ?
Summary
An issue was discovered in Magick++ in ImageMagick 6.9.7. A specially crafted file creating a nested exception could lead to a memory leak (thus, a DoS).
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:33:19.876Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=23\u0026p=142634"
          },
          {
            "name": "96590",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/96590"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/3358f060fc182551822576b2c0a8850faab5d543"
          },
          {
            "name": "DSA-3808",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3808"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/856880"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-03-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Magick++ in ImageMagick 6.9.7. A specially crafted file creating a nested exception could lead to a memory leak (thus, a DoS)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=23\u0026p=142634"
        },
        {
          "name": "96590",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/96590"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/3358f060fc182551822576b2c0a8850faab5d543"
        },
        {
          "name": "DSA-3808",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3808"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/856880"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-6499",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Magick++ in ImageMagick 6.9.7. A specially crafted file creating a nested exception could lead to a memory leak (thus, a DoS)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=23\u0026p=142634",
              "refsource": "CONFIRM",
              "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=23\u0026p=142634"
            },
            {
              "name": "96590",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/96590"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/3358f060fc182551822576b2c0a8850faab5d543",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/3358f060fc182551822576b2c0a8850faab5d543"
            },
            {
              "name": "DSA-3808",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3808"
            },
            {
              "name": "https://bugs.debian.org/856880",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/856880"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-6499",
    "datePublished": "2017-03-06T02:00:00",
    "dateReserved": "2017-03-05T00:00:00",
    "dateUpdated": "2024-08-05T15:33:19.876Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-5246
Vulnerability from cvelistv5
Published
2018-01-05 19:00
Modified
2024-08-05 05:33
Severity ?
Summary
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c.
References
http://www.securityfocus.com/bid/102469vdb-entry, x_refsource_BID
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/929x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T05:33:43.747Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "102469",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102469"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/929"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-01-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "102469",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102469"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/929"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-5246",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "102469",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102469"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/929",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/929"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-5246",
    "datePublished": "2018-01-05T19:00:00",
    "dateReserved": "2018-01-05T00:00:00",
    "dateUpdated": "2024-08-05T05:33:43.747Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14174
Vulnerability from cvelistv5
Published
2017-09-07 06:00
Modified
2024-08-05 19:20
Severity ?
Summary
In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "length" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:20:41.027Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/f68a98a9d385838a1c73ec960a14102949940a64"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/04a567494786d5bb50894fc8bb8fea0cf496bea8"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/714"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large \"length\" field in the header but does not contain sufficient backing data, is provided, the loop over \"length\" would consume huge CPU resources, since there is no EOF check inside the loop."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:10",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/f68a98a9d385838a1c73ec960a14102949940a64"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/04a567494786d5bb50894fc8bb8fea0cf496bea8"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/714"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14174",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large \"length\" field in the header but does not contain sufficient backing data, is provided, the loop over \"length\" would consume huge CPU resources, since there is no EOF check inside the loop."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/f68a98a9d385838a1c73ec960a14102949940a64",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/f68a98a9d385838a1c73ec960a14102949940a64"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/04a567494786d5bb50894fc8bb8fea0cf496bea8",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/04a567494786d5bb50894fc8bb8fea0cf496bea8"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/714",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/714"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14174",
    "datePublished": "2017-09-07T06:00:00",
    "dateReserved": "2017-09-07T00:00:00",
    "dateUpdated": "2024-08-05T19:20:41.027Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-25676
Vulnerability from cvelistv5
Published
2020-12-08 00:00
Modified
2024-08-04 15:40
Severity ?
Summary
In CatromWeights(), MeshInterpolate(), InterpolatePixelChannel(), InterpolatePixelChannels(), and InterpolatePixelInfo(), which are all functions in /MagickCore/pixel.c, there were multiple unconstrained pixel offset calculations which were being used with the floor() function. These calculations produced undefined behavior in the form of out-of-range and integer overflows, as identified by UndefinedBehaviorSanitizer. These instances of undefined behavior could be triggered by an attacker who is able to supply a crafted input file to be processed by ImageMagick. These issues could impact application availability or potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:40:36.962Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891934"
          },
          {
            "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "prior to 7.0.9-0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In CatromWeights(), MeshInterpolate(), InterpolatePixelChannel(), InterpolatePixelChannels(), and InterpolatePixelInfo(), which are all functions in /MagickCore/pixel.c, there were multiple unconstrained pixel offset calculations which were being used with the floor() function. These calculations produced undefined behavior in the form of out-of-range and integer overflows, as identified by UndefinedBehaviorSanitizer. These instances of undefined behavior could be triggered by an attacker who is able to supply a crafted input file to be processed by ImageMagick. These issues could impact application availability or potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891934"
        },
        {
          "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-25676",
    "datePublished": "2020-12-08T00:00:00",
    "dateReserved": "2020-09-16T00:00:00",
    "dateUpdated": "2024-08-04T15:40:36.962Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-17885
Vulnerability from cvelistv5
Published
2017-12-24 04:00
Modified
2024-08-05 21:06
Severity ?
Summary
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allows attackers to cause a denial of service via a crafted PICT image file.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/879x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.338Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/879"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allows attackers to cause a denial of service via a crafted PICT image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/879"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17885",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allows attackers to cause a denial of service via a crafted PICT image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/879",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/879"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17885",
    "datePublished": "2017-12-24T04:00:00",
    "dateReserved": "2017-12-23T00:00:00",
    "dateUpdated": "2024-08-05T21:06:49.338Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9838
Vulnerability from cvelistv5
Published
2017-03-22 14:00
Modified
2024-08-06 13:55
Severity ?
Summary
magick/cache.c in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (crash).
References
http://www.openwall.com/lists/oss-security/2016/06/02/13mailing-list, x_refsource_MLIST
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.570Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "magick/cache.c in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (crash)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-22T11:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9838",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "magick/cache.c in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (crash)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9838",
    "datePublished": "2017-03-22T14:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.570Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14682
Vulnerability from cvelistv5
Published
2017-09-21 22:00
Modified
2024-08-05 19:34
Severity ?
Summary
GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted SVG document, a different vulnerability than CVE-2017-10928.
References
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32726x_refsource_CONFIRM
https://www.debian.org/security/2017/dsa-4040vendor-advisory, x_refsource_DEBIAN
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://www.debian.org/security/2017/dsa-4032vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:34:40.080Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=32726"
          },
          {
            "name": "DSA-4040",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4040"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "DSA-4032",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4032"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted SVG document, a different vulnerability than CVE-2017-10928."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=32726"
        },
        {
          "name": "DSA-4040",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4040"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "DSA-4032",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4032"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14682",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted SVG document, a different vulnerability than CVE-2017-10928."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=32726",
              "refsource": "CONFIRM",
              "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=32726"
            },
            {
              "name": "DSA-4040",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4040"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "DSA-4032",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4032"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14682",
    "datePublished": "2017-09-21T22:00:00",
    "dateReserved": "2017-09-21T00:00:00",
    "dateUpdated": "2024-08-05T19:34:40.080Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-17681
Vulnerability from cvelistv5
Published
2017-12-14 06:00
Modified
2024-08-05 20:59
Severity ?
Summary
In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted psd image file.
References
https://github.com/ImageMagick/ImageMagick/issues/869x_refsource_CONFIRM
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
http://www.securityfocus.com/bid/102206vdb-entry, x_refsource_BID
https://lists.debian.org/debian-lts-announce/2020/08/msg00030.htmlmailing-list, x_refsource_MLIST
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T20:59:17.542Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/869"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "102206",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102206"
          },
          {
            "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted psd image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-19T01:06:23",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/869"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "102206",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102206"
        },
        {
          "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17681",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted psd image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/869",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/869"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "102206",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102206"
            },
            {
              "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17681",
    "datePublished": "2017-12-14T06:00:00",
    "dateReserved": "2017-12-13T00:00:00",
    "dateUpdated": "2024-08-05T20:59:17.542Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11166
Vulnerability from cvelistv5
Published
2017-07-10 18:00
Modified
2024-09-16 21:08
Severity ?
Summary
The ReadXWDImage function in coders\xwd.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted length (number of color-map entries) field in the header of an XWD file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:57:58.091Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/471"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadXWDImage function in coders\\xwd.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted length (number of color-map entries) field in the header of an XWD file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T18:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/471"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11166",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadXWDImage function in coders\\xwd.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted length (number of color-map entries) field in the header of an XWD file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/471",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/471"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11166",
    "datePublished": "2017-07-10T18:00:00Z",
    "dateReserved": "2017-07-10T00:00:00Z",
    "dateUpdated": "2024-09-16T21:08:17.248Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-8707
Vulnerability from cvelistv5
Published
2016-12-23 22:00
Modified
2024-08-06 02:27
Summary
An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution. The vulnerability can be triggered through any user controlled TIFF that is handled by this functionality.
References
Impacted products
n/aImageMagick 7.0.3-1
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:27:41.290Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "94727",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/94727"
          },
          {
            "name": "DSA-3799",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3799"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.talosintelligence.com/reports/TALOS-2016-0216/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick 7.0.3-1",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 7.0.3-1"
            }
          ]
        }
      ],
      "datePublic": "2016-12-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks\u0027s convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution. The vulnerability can be triggered through any user controlled TIFF that is handled by this functionality."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "out-of-bounds write",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-19T19:16:41",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "94727",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/94727"
        },
        {
          "name": "DSA-3799",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3799"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.talosintelligence.com/reports/TALOS-2016-0216/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "talos-cna@cisco.com",
          "ID": "CVE-2016-8707",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ImageMagick 7.0.3-1",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "ImageMagick 7.0.3-1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks\u0027s convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution. The vulnerability can be triggered through any user controlled TIFF that is handled by this functionality."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": 7.5,
            "baseSeverity": "High",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "out-of-bounds write"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "94727",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/94727"
            },
            {
              "name": "DSA-3799",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3799"
            },
            {
              "name": "http://www.talosintelligence.com/reports/TALOS-2016-0216/",
              "refsource": "MISC",
              "url": "http://www.talosintelligence.com/reports/TALOS-2016-0216/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2016-8707",
    "datePublished": "2016-12-23T22:00:00",
    "dateReserved": "2016-10-17T00:00:00",
    "dateUpdated": "2024-08-06T02:27:41.290Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-11598
Vulnerability from cvelistv5
Published
2019-04-29 15:06
Modified
2024-08-04 22:55
Severity ?
Summary
In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:55:41.121Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1540"
          },
          {
            "name": "108102",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108102"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "openSUSE-SU-2019:1603",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          },
          {
            "name": "openSUSE-SU-2019:1683",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:08",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1540"
        },
        {
          "name": "108102",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108102"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "openSUSE-SU-2019:1603",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        },
        {
          "name": "openSUSE-SU-2019:1683",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-11598",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1540",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1540"
            },
            {
              "name": "108102",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108102"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "openSUSE-SU-2019:1603",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            },
            {
              "name": "openSUSE-SU-2019:1683",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-11598",
    "datePublished": "2019-04-29T15:06:08",
    "dateReserved": "2019-04-29T00:00:00",
    "dateUpdated": "2024-08-04T22:55:41.121Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-13758
Vulnerability from cvelistv5
Published
2017-08-29 23:00
Modified
2024-08-05 19:05
Severity ?
Summary
In ImageMagick 7.0.6-10, there is a heap-based buffer overflow in the TracePoint() function in MagickCore/draw.c.
References
https://www.debian.org/security/2017/dsa-4040vendor-advisory, x_refsource_DEBIAN
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32583x_refsource_CONFIRM
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://security.gentoo.org/glsa/201711-07vendor-advisory, x_refsource_GENTOO
https://www.debian.org/security/2017/dsa-4032vendor-advisory, x_refsource_DEBIAN
http://www.securitytracker.com/id/1039246vdb-entry, x_refsource_SECTRACK
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:05:20.229Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-4040",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4040"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=32583"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "name": "DSA-4032",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4032"
          },
          {
            "name": "1039246",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039246"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-10, there is a heap-based buffer overflow in the TracePoint() function in MagickCore/draw.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-4040",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4040"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=32583"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "name": "DSA-4032",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4032"
        },
        {
          "name": "1039246",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039246"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-13758",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-10, there is a heap-based buffer overflow in the TracePoint() function in MagickCore/draw.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-4040",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4040"
            },
            {
              "name": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=32583",
              "refsource": "CONFIRM",
              "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=32583"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "DSA-4032",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4032"
            },
            {
              "name": "1039246",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039246"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-13758",
    "datePublished": "2017-08-29T23:00:00",
    "dateReserved": "2017-08-29T00:00:00",
    "dateUpdated": "2024-08-05T19:05:20.229Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2003-0555
Vulnerability from cvelistv5
Published
2003-07-15 04:00
Modified
2024-08-08 01:58
Severity ?
Summary
ImageMagick 5.4.3.x and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a "%x" filename, possibly triggering a format string vulnerability.
References
http://marc.info/?l=bugtraq&m=105820576111599&w=2mailing-list, x_refsource_BUGTRAQ
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:58:10.965Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20030714 ImageMagick\u0027s Overflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=105820576111599\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-07-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 5.4.3.x and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a \"%x\" filename, possibly triggering a format string vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-10-17T13:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20030714 ImageMagick\u0027s Overflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=105820576111599\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0555",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 5.4.3.x and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a \"%x\" filename, possibly triggering a format string vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20030714 ImageMagick\u0027s Overflow",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=105820576111599\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0555",
    "datePublished": "2003-07-15T04:00:00",
    "dateReserved": "2003-07-14T00:00:00",
    "dateUpdated": "2024-08-08T01:58:10.965Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27754
Vulnerability from cvelistv5
Published
2020-12-08 00:00
Modified
2024-08-04 16:18
Severity ?
Summary
In IntensityCompare() of /magick/quantize.c, there are calls to PixelPacketIntensity() which could return overflowed values to the caller when ImageMagick processes a crafted input file. To mitigate this, the patch introduces and uses the ConstrainPixelIntensity() function, which forces the pixel intensities to be within the proper bounds in the event of an overflow. This flaw affects ImageMagick versions prior to 6.9.10-69 and 7.0.8-69.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.822Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894231"
          },
          {
            "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "prior to 6.9.10-69"
            },
            {
              "status": "affected",
              "version": "prior to 7.0.8-69"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In IntensityCompare() of /magick/quantize.c, there are calls to PixelPacketIntensity() which could return overflowed values to the caller when ImageMagick processes a crafted input file. To mitigate this, the patch introduces and uses the ConstrainPixelIntensity() function, which forces the pixel intensities to be within the proper bounds in the event of an overflow. This flaw affects ImageMagick versions prior to 6.9.10-69 and 7.0.8-69."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894231"
        },
        {
          "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27754",
    "datePublished": "2020-12-08T00:00:00",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.822Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27774
Vulnerability from cvelistv5
Published
2020-12-04 00:00
Modified
2024-08-04 16:25
Severity ?
Summary
A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of a too large shift for 64-bit type `ssize_t`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:25:42.390Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898296"
          },
          {
            "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 7.0.9-0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of a too large shift for 64-bit type `ssize_t`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898296"
        },
        {
          "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27774",
    "datePublished": "2020-12-04T00:00:00",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:25:42.390Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-6930
Vulnerability from cvelistv5
Published
2018-02-13 05:00
Modified
2024-08-05 06:17
Severity ?
Summary
A stack-based buffer over-read in the ComputeResizeImage function in the MagickCore/accelerate.c file of ImageMagick 7.0.7-22 allows a remote attacker to cause a denial of service (application crash) via a maliciously crafted pict file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:17:17.351Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/967"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-02-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A stack-based buffer over-read in the ComputeResizeImage function in the MagickCore/accelerate.c file of ImageMagick 7.0.7-22 allows a remote attacker to cause a denial of service (application crash) via a maliciously crafted pict file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-02-13T04:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/967"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-6930",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A stack-based buffer over-read in the ComputeResizeImage function in the MagickCore/accelerate.c file of ImageMagick 7.0.7-22 allows a remote attacker to cause a denial of service (application crash) via a maliciously crafted pict file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/967",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/967"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-6930",
    "datePublished": "2018-02-13T05:00:00",
    "dateReserved": "2018-02-12T00:00:00",
    "dateUpdated": "2024-08-05T06:17:17.351Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10145
Vulnerability from cvelistv5
Published
2017-03-24 15:00
Modified
2024-08-06 03:14
Severity ?
Summary
Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:14:42.355Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2017/01/16/6"
          },
          {
            "name": "GLSA-201702-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201702-09"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/d23beebe7b1179fb75db1e85fbca3100e49593d9"
          },
          {
            "name": "DSA-3799",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3799"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851483"
          },
          {
            "name": "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2017/01/17/5"
          },
          {
            "name": "95749",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95749"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-01-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2017/01/16/6"
        },
        {
          "name": "GLSA-201702-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201702-09"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/d23beebe7b1179fb75db1e85fbca3100e49593d9"
        },
        {
          "name": "DSA-3799",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3799"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851483"
        },
        {
          "name": "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2017/01/17/5"
        },
        {
          "name": "95749",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95749"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-10145",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2017/01/16/6"
            },
            {
              "name": "GLSA-201702-09",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201702-09"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/d23beebe7b1179fb75db1e85fbca3100e49593d9",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/d23beebe7b1179fb75db1e85fbca3100e49593d9"
            },
            {
              "name": "DSA-3799",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3799"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851483",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851483"
            },
            {
              "name": "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2017/01/17/5"
            },
            {
              "name": "95749",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95749"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-10145",
    "datePublished": "2017-03-24T15:00:00",
    "dateReserved": "2017-01-16T00:00:00",
    "dateUpdated": "2024-08-06T03:14:42.355Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27770
Vulnerability from cvelistv5
Published
2020-12-04 00:00
Modified
2024-08-04 16:18
Severity ?
Summary
Due to a missing check for 0 value of `replace_extent`, it is possible for offset `p` to overflow in SubstituteString(), causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick. This flaw affects ImageMagick versions prior to 7.0.8-68.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.691Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894691"
          },
          {
            "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 7.0.8-68"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Due to a missing check for 0 value of `replace_extent`, it is possible for offset `p` to overflow in SubstituteString(), causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick. This flaw affects ImageMagick versions prior to 7.0.8-68."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894691"
        },
        {
          "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27770",
    "datePublished": "2020-12-04T00:00:00",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.691Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9851
Vulnerability from cvelistv5
Published
2017-03-20 16:00
Modified
2024-08-06 13:55
Severity ?
Summary
ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash).
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.522Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=33b2d377b94eb738011bc7d5e90ca0a16ce4d471"
          },
          {
            "name": "openSUSE-SU-2016:1833",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
          },
          {
            "name": "SUSE-SU-2016:1782",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "openSUSE-SU-2016:1748",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
          },
          {
            "name": "SUSE-SU-2016:1784",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
          },
          {
            "name": "USN-3131-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3131-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343511"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-20T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=33b2d377b94eb738011bc7d5e90ca0a16ce4d471"
        },
        {
          "name": "openSUSE-SU-2016:1833",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
        },
        {
          "name": "SUSE-SU-2016:1782",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "openSUSE-SU-2016:1748",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
        },
        {
          "name": "SUSE-SU-2016:1784",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
        },
        {
          "name": "USN-3131-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3131-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343511"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9851",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=33b2d377b94eb738011bc7d5e90ca0a16ce4d471",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=33b2d377b94eb738011bc7d5e90ca0a16ce4d471"
            },
            {
              "name": "openSUSE-SU-2016:1833",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
            },
            {
              "name": "SUSE-SU-2016:1782",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "openSUSE-SU-2016:1748",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
            },
            {
              "name": "SUSE-SU-2016:1784",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
            },
            {
              "name": "USN-3131-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3131-1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343511",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343511"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9851",
    "datePublished": "2017-03-20T16:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.522Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-5842
Vulnerability from cvelistv5
Published
2016-12-13 15:00
Modified
2024-08-06 01:15
Severity ?
Summary
MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:15:10.796Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commits/7.0.2-1"
          },
          {
            "name": "91394",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91394"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
          },
          {
            "name": "GLSA-201611-21",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201611-21"
          },
          {
            "name": "[oss-security] 20160625 Re: Fwd: out-of-bounds read in MagickCore/property.c:1396 could lead to memory leak/ Integer overflow read to RCE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/25/3"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b"
          },
          {
            "name": "[oss-security] 20160623 Fwd: out-of-bounds read in MagickCore/property.c:1396 could lead to memory leak/ Integer overflow read to RCE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/23/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-06-30T16:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commits/7.0.2-1"
        },
        {
          "name": "91394",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/91394"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
        },
        {
          "name": "GLSA-201611-21",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201611-21"
        },
        {
          "name": "[oss-security] 20160625 Re: Fwd: out-of-bounds read in MagickCore/property.c:1396 could lead to memory leak/ Integer overflow read to RCE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/25/3"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b"
        },
        {
          "name": "[oss-security] 20160623 Fwd: out-of-bounds read in MagickCore/property.c:1396 could lead to memory leak/ Integer overflow read to RCE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/23/1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-5842",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commits/7.0.2-1",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commits/7.0.2-1"
            },
            {
              "name": "91394",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/91394"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
            },
            {
              "name": "GLSA-201611-21",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201611-21"
            },
            {
              "name": "[oss-security] 20160625 Re: Fwd: out-of-bounds read in MagickCore/property.c:1396 could lead to memory leak/ Integer overflow read to RCE",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/25/3"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b"
            },
            {
              "name": "[oss-security] 20160623 Fwd: out-of-bounds read in MagickCore/property.c:1396 could lead to memory leak/ Integer overflow read to RCE",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/23/1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-5842",
    "datePublished": "2016-12-13T15:00:00",
    "dateReserved": "2016-06-23T00:00:00",
    "dateUpdated": "2024-08-06T01:15:10.796Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-20245
Vulnerability from cvelistv5
Published
2021-03-09 00:00
Modified
2024-08-03 17:37
Severity ?
Summary
A flaw was found in ImageMagick in coders/webp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:37:23.309Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928943"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/3176"
          },
          {
            "name": "[debian-lts-announce] 20210603 [SECURITY] [DLA 2672-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html"
          },
          {
            "name": "[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 6.9.11-62, ImageMagick 7.0.10-62"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in ImageMagick in coders/webp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-369",
              "description": "CWE-369",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-22T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928943"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick/issues/3176"
        },
        {
          "name": "[debian-lts-announce] 20210603 [SECURITY] [DLA 2672-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html"
        },
        {
          "name": "[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2021-20245",
    "datePublished": "2021-03-09T00:00:00",
    "dateReserved": "2020-12-17T00:00:00",
    "dateUpdated": "2024-08-03T17:37:23.309Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10062
Vulnerability from cvelistv5
Published
2017-03-02 21:00
Modified
2024-08-06 03:07
Severity ?
Summary
The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:07:32.044Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "95209",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95209"
          },
          {
            "name": "DSA-3799",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3799"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/196"
          },
          {
            "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410473"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "95209",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95209"
        },
        {
          "name": "DSA-3799",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3799"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/196"
        },
        {
          "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410473"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10062",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "95209",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95209"
            },
            {
              "name": "DSA-3799",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3799"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/196",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/196"
            },
            {
              "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410473",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410473"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10062",
    "datePublished": "2017-03-02T21:00:00",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-08-06T03:07:32.044Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9842
Vulnerability from cvelistv5
Published
2017-03-20 16:00
Modified
2024-08-06 13:55
Severity ?
Summary
Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.557Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343500"
          },
          {
            "name": "openSUSE-SU-2016:1833",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=f9ef11671c41da4cf973d0d880af1cdfbd127860"
          },
          {
            "name": "SUSE-SU-2016:1782",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "openSUSE-SU-2016:1748",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
          },
          {
            "name": "SUSE-SU-2016:1784",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-20T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343500"
        },
        {
          "name": "openSUSE-SU-2016:1833",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=f9ef11671c41da4cf973d0d880af1cdfbd127860"
        },
        {
          "name": "SUSE-SU-2016:1782",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "openSUSE-SU-2016:1748",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
        },
        {
          "name": "SUSE-SU-2016:1784",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9842",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343500",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343500"
            },
            {
              "name": "openSUSE-SU-2016:1833",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=f9ef11671c41da4cf973d0d880af1cdfbd127860",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=f9ef11671c41da4cf973d0d880af1cdfbd127860"
            },
            {
              "name": "SUSE-SU-2016:1782",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "openSUSE-SU-2016:1748",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
            },
            {
              "name": "SUSE-SU-2016:1784",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9842",
    "datePublished": "2017-03-20T16:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.557Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-0260
Vulnerability from cvelistv5
Published
2012-06-05 22:00
Modified
2024-08-06 18:16
Severity ?
Summary
The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of restart markers.
References
http://secunia.com/advisories/55035third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/49068third-party-advisory, x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/74658vdb-entry, x_refsource_XF
http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.htmlvendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/57224third-party-advisory, x_refsource_SECUNIA
http://www.ubuntu.com/usn/USN-2132-1vendor-advisory, x_refsource_UBUNTU
http://www.debian.org/security/2012/dsa-2462vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/49063third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/52898vdb-entry, x_refsource_BID
http://rhn.redhat.com/errata/RHSA-2012-0544.htmlvendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/48974third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/49317third-party-advisory, x_refsource_SECUNIA
http://www.cert.fi/en/reports/2012/vulnerability635606.htmlx_refsource_MISC
http://www.osvdb.org/81022vdb-entry, x_refsource_OSVDB
http://www.securitytracker.com/id?1027032vdb-entry, x_refsource_SECTRACK
http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20629x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2012-0545.htmlvendor-advisory, x_refsource_REDHAT
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T18:16:20.138Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "55035",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/55035"
          },
          {
            "name": "49068",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49068"
          },
          {
            "name": "imagemagick-jpegwarninghandler-dos(74658)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74658"
          },
          {
            "name": "openSUSE-SU-2012:0692",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html"
          },
          {
            "name": "57224",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/57224"
          },
          {
            "name": "USN-2132-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2132-1"
          },
          {
            "name": "DSA-2462",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2462"
          },
          {
            "name": "49063",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49063"
          },
          {
            "name": "52898",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/52898"
          },
          {
            "name": "RHSA-2012:0544",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0544.html"
          },
          {
            "name": "48974",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48974"
          },
          {
            "name": "49317",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49317"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.cert.fi/en/reports/2012/vulnerability635606.html"
          },
          {
            "name": "81022",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/81022"
          },
          {
            "name": "1027032",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1027032"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=20629"
          },
          {
            "name": "RHSA-2012:0545",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0545.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-03-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of restart markers."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "55035",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/55035"
        },
        {
          "name": "49068",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49068"
        },
        {
          "name": "imagemagick-jpegwarninghandler-dos(74658)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74658"
        },
        {
          "name": "openSUSE-SU-2012:0692",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html"
        },
        {
          "name": "57224",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/57224"
        },
        {
          "name": "USN-2132-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2132-1"
        },
        {
          "name": "DSA-2462",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2462"
        },
        {
          "name": "49063",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49063"
        },
        {
          "name": "52898",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/52898"
        },
        {
          "name": "RHSA-2012:0544",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-0544.html"
        },
        {
          "name": "48974",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48974"
        },
        {
          "name": "49317",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49317"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.cert.fi/en/reports/2012/vulnerability635606.html"
        },
        {
          "name": "81022",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/81022"
        },
        {
          "name": "1027032",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1027032"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=20629"
        },
        {
          "name": "RHSA-2012:0545",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-0545.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2012-0260",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of restart markers."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "55035",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/55035"
            },
            {
              "name": "49068",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/49068"
            },
            {
              "name": "imagemagick-jpegwarninghandler-dos(74658)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74658"
            },
            {
              "name": "openSUSE-SU-2012:0692",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html"
            },
            {
              "name": "57224",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/57224"
            },
            {
              "name": "USN-2132-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2132-1"
            },
            {
              "name": "DSA-2462",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2462"
            },
            {
              "name": "49063",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/49063"
            },
            {
              "name": "52898",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/52898"
            },
            {
              "name": "RHSA-2012:0544",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0544.html"
            },
            {
              "name": "48974",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48974"
            },
            {
              "name": "49317",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/49317"
            },
            {
              "name": "http://www.cert.fi/en/reports/2012/vulnerability635606.html",
              "refsource": "MISC",
              "url": "http://www.cert.fi/en/reports/2012/vulnerability635606.html"
            },
            {
              "name": "81022",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/81022"
            },
            {
              "name": "1027032",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1027032"
            },
            {
              "name": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=20629",
              "refsource": "CONFIRM",
              "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=20629"
            },
            {
              "name": "RHSA-2012:0545",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0545.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2012-0260",
    "datePublished": "2012-06-05T22:00:00",
    "dateReserved": "2011-12-21T00:00:00",
    "dateUpdated": "2024-08-06T18:16:20.138Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11529
Vulnerability from cvelistv5
Published
2017-07-23 03:00
Modified
2024-08-05 18:12
Severity ?
Summary
The ReadMATImage function in coders/mat.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:40.239Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/525"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867823"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadMATImage function in coders/mat.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-23T02:57:06",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/525"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867823"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11529",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadMATImage function in coders/mat.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/525",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/525"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867823",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867823"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11529",
    "datePublished": "2017-07-23T03:00:00",
    "dateReserved": "2017-07-22T00:00:00",
    "dateUpdated": "2024-08-05T18:12:40.239Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14532
Vulnerability from cvelistv5
Published
2017-09-18 01:00
Modified
2024-08-05 19:27
Severity ?
Summary
ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:27:40.844Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/719"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "100883",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100883"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:21",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/719"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "100883",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100883"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14532",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/719",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/719"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "100883",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100883"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14532",
    "datePublished": "2017-09-18T01:00:00",
    "dateReserved": "2017-09-17T00:00:00",
    "dateUpdated": "2024-08-05T19:27:40.844Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-5507
Vulnerability from cvelistv5
Published
2017-03-24 15:00
Modified
2024-08-05 15:04
Severity ?
Summary
Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:04:15.208Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2017/01/16/6"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851382"
          },
          {
            "name": "GLSA-201702-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201702-09"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/blob/7.0.4-4/ChangeLog"
          },
          {
            "name": "DSA-3799",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3799"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/blob/6.9.7-4/ChangeLog"
          },
          {
            "name": "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2017/01/17/5"
          },
          {
            "name": "95752",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95752"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/66e283e0a9c141b19fe6c4c39f4a41c0d3188ba8"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-01-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-06T21:05:58",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2017/01/16/6"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851382"
        },
        {
          "name": "GLSA-201702-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201702-09"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/blob/7.0.4-4/ChangeLog"
        },
        {
          "name": "DSA-3799",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3799"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/blob/6.9.7-4/ChangeLog"
        },
        {
          "name": "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2017/01/17/5"
        },
        {
          "name": "95752",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95752"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/66e283e0a9c141b19fe6c4c39f4a41c0d3188ba8"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2017-5507",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2017/01/16/6"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851382",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851382"
            },
            {
              "name": "GLSA-201702-09",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201702-09"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/blob/7.0.4-4/ChangeLog",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/blob/7.0.4-4/ChangeLog"
            },
            {
              "name": "DSA-3799",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3799"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/blob/6.9.7-4/ChangeLog",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/blob/6.9.7-4/ChangeLog"
            },
            {
              "name": "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2017/01/17/5"
            },
            {
              "name": "95752",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95752"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/66e283e0a9c141b19fe6c4c39f4a41c0d3188ba8",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/66e283e0a9c141b19fe6c4c39f4a41c0d3188ba8"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2017-5507",
    "datePublished": "2017-03-24T15:00:00",
    "dateReserved": "2017-01-16T00:00:00",
    "dateUpdated": "2024-08-05T15:04:15.208Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-8960
Vulnerability from cvelistv5
Published
2018-03-23 21:00
Modified
2024-08-05 07:10
Severity ?
Summary
The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:10:47.354Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1020"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "103523",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/103523"
          },
          {
            "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-03-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-19T01:06:12",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1020"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "103523",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/103523"
        },
        {
          "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-8960",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1020",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1020"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "103523",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/103523"
            },
            {
              "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-8960",
    "datePublished": "2018-03-23T21:00:00",
    "dateReserved": "2018-03-23T00:00:00",
    "dateUpdated": "2024-08-05T07:10:47.354Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11640
Vulnerability from cvelistv5
Published
2017-07-26 08:00
Modified
2024-08-05 18:12
Severity ?
Summary
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to an address access exception in the WritePTIFImage() function in coders/tiff.c.
References
https://github.com/ImageMagick/ImageMagick/issues/584x_refsource_CONFIRM
http://www.securityfocus.com/bid/99989vdb-entry, x_refsource_BID
https://www.debian.org/security/2017/dsa-4040vendor-advisory, x_refsource_DEBIAN
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://security.gentoo.org/glsa/201711-07vendor-advisory, x_refsource_GENTOO
https://www.debian.org/security/2017/dsa-4019vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:40.633Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/584"
          },
          {
            "name": "99989",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99989"
          },
          {
            "name": "DSA-4040",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4040"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "name": "DSA-4019",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4019"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to an address access exception in the WritePTIFImage() function in coders/tiff.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/584"
        },
        {
          "name": "99989",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99989"
        },
        {
          "name": "DSA-4040",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4040"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "name": "DSA-4019",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4019"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11640",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to an address access exception in the WritePTIFImage() function in coders/tiff.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/584",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/584"
            },
            {
              "name": "99989",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99989"
            },
            {
              "name": "DSA-4040",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4040"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "DSA-4019",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4019"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11640",
    "datePublished": "2017-07-26T08:00:00",
    "dateReserved": "2017-07-25T00:00:00",
    "dateUpdated": "2024-08-05T18:12:40.633Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-9407
Vulnerability from cvelistv5
Published
2017-06-02 19:00
Modified
2024-09-16 23:41
Severity ?
Summary
In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allows attackers to cause a denial of service (memory leak) via a crafted file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:02:44.424Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/459"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allows attackers to cause a denial of service (memory leak) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-06-02T19:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/459"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-9407",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allows attackers to cause a denial of service (memory leak) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/459",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/459"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-9407",
    "datePublished": "2017-06-02T19:00:00Z",
    "dateReserved": "2017-06-02T00:00:00Z",
    "dateUpdated": "2024-09-16T23:41:56.602Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-9141
Vulnerability from cvelistv5
Published
2017-05-22 14:00
Modified
2024-08-05 16:55
Severity ?
Summary
In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the ResetImageProfileIterator function in MagickCore/profile.c because of missing checks in the ReadDDSImage function in coders/dds.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:55:22.246Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/489"
          },
          {
            "name": "98606",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98606"
          },
          {
            "name": "DSA-3863",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3863"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/0c5b1e430a83ef793a7334bbbee408cf3c628699"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-05-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the ResetImageProfileIterator function in MagickCore/profile.c because of missing checks in the ReadDDSImage function in coders/dds.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-06T20:36:03",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/489"
        },
        {
          "name": "98606",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98606"
        },
        {
          "name": "DSA-3863",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3863"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/0c5b1e430a83ef793a7334bbbee408cf3c628699"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-9141",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the ResetImageProfileIterator function in MagickCore/profile.c because of missing checks in the ReadDDSImage function in coders/dds.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/489",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/489"
            },
            {
              "name": "98606",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98606"
            },
            {
              "name": "DSA-3863",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3863"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/0c5b1e430a83ef793a7334bbbee408cf3c628699",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/0c5b1e430a83ef793a7334bbbee408cf3c628699"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-9141",
    "datePublished": "2017-05-22T14:00:00",
    "dateReserved": "2017-05-22T00:00:00",
    "dateUpdated": "2024-08-05T16:55:22.246Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27760
Vulnerability from cvelistv5
Published
2020-12-03 00:00
Modified
2024-08-04 16:18
Severity ?
Summary
In `GammaImage()` of /MagickCore/enhance.c, depending on the `gamma` value, it's possible to trigger a divide-by-zero condition when a crafted input file is processed by ImageMagick. This could lead to an impact to application availability. The patch uses the `PerceptibleReciprocal()` to prevent the divide-by-zero from occurring. This flaw affects ImageMagick versions prior to ImageMagick 7.0.8-68.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.597Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894239"
          },
          {
            "name": "[debian-lts-announce] 20210112 [SECURITY] [DLA 2523-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 7.0.8-68"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In `GammaImage()` of /MagickCore/enhance.c, depending on the `gamma` value, it\u0027s possible to trigger a divide-by-zero condition when a crafted input file is processed by ImageMagick. This could lead to an impact to application availability. The patch uses the `PerceptibleReciprocal()` to prevent the divide-by-zero from occurring. This flaw affects ImageMagick versions prior to ImageMagick 7.0.8-68."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-369",
              "description": "CWE-369",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894239"
        },
        {
          "name": "[debian-lts-announce] 20210112 [SECURITY] [DLA 2523-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27760",
    "datePublished": "2020-12-03T00:00:00",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.597Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-6498
Vulnerability from cvelistv5
Published
2017-03-06 02:00
Modified
2024-08-05 15:33
Severity ?
Summary
An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could trigger assertion failures, thus leading to DoS.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:33:19.037Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/65f75a32a93ae4044c528a987a68366ecd4b46b9"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/pull/359"
          },
          {
            "name": "96591",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/96591"
          },
          {
            "name": "DSA-3808",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3808"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/856878"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-03-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could trigger assertion failures, thus leading to DoS."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/65f75a32a93ae4044c528a987a68366ecd4b46b9"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/pull/359"
        },
        {
          "name": "96591",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/96591"
        },
        {
          "name": "DSA-3808",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3808"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/856878"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-6498",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could trigger assertion failures, thus leading to DoS."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/65f75a32a93ae4044c528a987a68366ecd4b46b9",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/65f75a32a93ae4044c528a987a68366ecd4b46b9"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/pull/359",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/pull/359"
            },
            {
              "name": "96591",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/96591"
            },
            {
              "name": "DSA-3808",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3808"
            },
            {
              "name": "https://bugs.debian.org/856878",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/856878"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-6498",
    "datePublished": "2017-03-06T02:00:00",
    "dateReserved": "2017-03-05T00:00:00",
    "dateUpdated": "2024-08-05T15:33:19.037Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-8898
Vulnerability from cvelistv5
Published
2017-03-15 19:00
Modified
2024-08-06 08:29
Severity ?
Summary
The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:29:22.112Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2016:1237",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2016:1237"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/pull/34"
          },
          {
            "name": "91039",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91039"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/5b4bebaa91849c592a8448bc353ab25a54ff8c44"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-05-17T16:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2016:1237",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2016:1237"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/pull/34"
        },
        {
          "name": "91039",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/91039"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/5b4bebaa91849c592a8448bc353ab25a54ff8c44"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8898",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2016:1237",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2016:1237"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/pull/34",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/pull/34"
            },
            {
              "name": "91039",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/91039"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/5b4bebaa91849c592a8448bc353ab25a54ff8c44",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/5b4bebaa91849c592a8448bc353ab25a54ff8c44"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8898",
    "datePublished": "2017-03-15T19:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T08:29:22.112Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-6876
Vulnerability from cvelistv5
Published
2018-02-09 18:00
Modified
2024-08-05 06:17
Severity ?
Summary
The OLEProperty class in ole/oleprop.cpp in libfpx 1.3.1-10, as used in ImageMagick 7.0.7-22 Q16 and other products, allows remote attackers to cause a denial of service (stack-based buffer under-read) via a crafted bmp image.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:17:17.296Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "103035",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/103035"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/973"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-02-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The OLEProperty class in ole/oleprop.cpp in libfpx 1.3.1-10, as used in ImageMagick 7.0.7-22 Q16 and other products, allows remote attackers to cause a denial of service (stack-based buffer under-read) via a crafted bmp image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-03-05T06:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "103035",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/103035"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/973"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-6876",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The OLEProperty class in ole/oleprop.cpp in libfpx 1.3.1-10, as used in ImageMagick 7.0.7-22 Q16 and other products, allows remote attackers to cause a denial of service (stack-based buffer under-read) via a crafted bmp image."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "103035",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/103035"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/973",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/973"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-6876",
    "datePublished": "2018-02-09T18:00:00",
    "dateReserved": "2018-02-09T00:00:00",
    "dateUpdated": "2024-08-05T06:17:17.296Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7530
Vulnerability from cvelistv5
Published
2017-04-20 18:00
Modified
2024-08-06 02:04
Severity ?
Summary
The quantum handling code in ImageMagick allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds write) via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:04:54.869Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378762"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/63346f34f9d19179599b5b256e5e8d3dda46435c"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/b5ed738f8060266bf4ae521f7e3ed145aa4498a3"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/c4e63ad30bc42da691f2b5f82a24516dd6b4dc70"
          },
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/110"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/105"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/bugs/1539067"
          },
          {
            "name": "93131",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93131"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/bugs/1539053"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The quantum handling code in ImageMagick allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds write) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-21T09:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378762"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/63346f34f9d19179599b5b256e5e8d3dda46435c"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/b5ed738f8060266bf4ae521f7e3ed145aa4498a3"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/c4e63ad30bc42da691f2b5f82a24516dd6b4dc70"
        },
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/110"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/105"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/bugs/1539067"
        },
        {
          "name": "93131",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93131"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/bugs/1539053"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-7530",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The quantum handling code in ImageMagick allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds write) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378762",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378762"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/63346f34f9d19179599b5b256e5e8d3dda46435c",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/63346f34f9d19179599b5b256e5e8d3dda46435c"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/b5ed738f8060266bf4ae521f7e3ed145aa4498a3",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/b5ed738f8060266bf4ae521f7e3ed145aa4498a3"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/c4e63ad30bc42da691f2b5f82a24516dd6b4dc70",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/c4e63ad30bc42da691f2b5f82a24516dd6b4dc70"
            },
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/110",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/110"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/105",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/105"
            },
            {
              "name": "https://bugs.launchpad.net/bugs/1539067",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/bugs/1539067"
            },
            {
              "name": "93131",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93131"
            },
            {
              "name": "https://bugs.launchpad.net/bugs/1539053",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/bugs/1539053"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-7530",
    "datePublished": "2017-04-20T18:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T02:04:54.869Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-0762
Vulnerability from cvelistv5
Published
2005-03-26 05:00
Modified
2024-08-07 21:28
Severity ?
Summary
Heap-based buffer overflow in the SGI parser in ImageMagick before 6.0 allows remote attackers to execute arbitrary code via a crafted SGI image file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:28:27.173Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:9736",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9736"
          },
          {
            "name": "RHSA-2005:070",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2005-070.html"
          },
          {
            "name": "1013550",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1013550"
          },
          {
            "name": "SUSE-SA:2005:017",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html"
          },
          {
            "name": "DSA-702",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-702"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-03-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in the SGI parser in ImageMagick before 6.0 allows remote attackers to execute arbitrary code via a crafted SGI image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:9736",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9736"
        },
        {
          "name": "RHSA-2005:070",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2005-070.html"
        },
        {
          "name": "1013550",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1013550"
        },
        {
          "name": "SUSE-SA:2005:017",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html"
        },
        {
          "name": "DSA-702",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-702"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-0762",
    "datePublished": "2005-03-26T05:00:00",
    "dateReserved": "2005-03-17T00:00:00",
    "dateUpdated": "2024-08-07T21:28:27.173Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-5248
Vulnerability from cvelistv5
Published
2018-01-05 19:00
Modified
2024-08-05 05:33
Severity ?
Summary
In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode function.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/927x_refsource_CONFIRM
http://www.securityfocus.com/bid/102431vdb-entry, x_refsource_BID
https://www.debian.org/security/2018/dsa-4245vendor-advisory, x_refsource_DEBIAN
https://www.debian.org/security/2018/dsa-4204vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T05:33:42.735Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/927"
          },
          {
            "name": "102431",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102431"
          },
          {
            "name": "DSA-4245",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4245"
          },
          {
            "name": "DSA-4204",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4204"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-01-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode function."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-07-27T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/927"
        },
        {
          "name": "102431",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102431"
        },
        {
          "name": "DSA-4245",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4245"
        },
        {
          "name": "DSA-4204",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4204"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-5248",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode function."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/927",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/927"
            },
            {
              "name": "102431",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102431"
            },
            {
              "name": "DSA-4245",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4245"
            },
            {
              "name": "DSA-4204",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4204"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-5248",
    "datePublished": "2018-01-05T19:00:00",
    "dateReserved": "2018-01-05T00:00:00",
    "dateUpdated": "2024-08-05T05:33:42.735Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-7398
Vulnerability from cvelistv5
Published
2019-02-05 00:00
Modified
2024-08-04 20:46
Severity ?
Summary
In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:46:46.365Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1453"
          },
          {
            "name": "106848",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/106848"
          },
          {
            "name": "openSUSE-SU-2019:1141",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html"
          },
          {
            "name": "openSUSE-SU-2019:1320",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2019-02-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-01T11:06:26",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1453"
        },
        {
          "name": "106848",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/106848"
        },
        {
          "name": "openSUSE-SU-2019:1141",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html"
        },
        {
          "name": "openSUSE-SU-2019:1320",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-7398",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1453",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1453"
            },
            {
              "name": "106848",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/106848"
            },
            {
              "name": "openSUSE-SU-2019:1141",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html"
            },
            {
              "name": "openSUSE-SU-2019:1320",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-7398",
    "datePublished": "2019-02-05T00:00:00",
    "dateReserved": "2019-02-04T00:00:00",
    "dateUpdated": "2024-08-04T20:46:46.365Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12668
Vulnerability from cvelistv5
Published
2017-08-07 21:00
Modified
2024-08-05 18:43
Severity ?
Summary
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePCXImage in coders/pcx.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:56.535Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/575"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/2ba8f335fa06daf1165e0878462686028e633a74"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePCXImage in coders/pcx.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-08T16:36:27",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/575"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/2ba8f335fa06daf1165e0878462686028e633a74"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12668",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePCXImage in coders/pcx.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/575",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/575"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/2ba8f335fa06daf1165e0878462686028e633a74",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/2ba8f335fa06daf1165e0878462686028e633a74"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12668",
    "datePublished": "2017-08-07T21:00:00",
    "dateReserved": "2017-08-07T00:00:00",
    "dateUpdated": "2024-08-05T18:43:56.535Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9847
Vulnerability from cvelistv5
Published
2017-03-20 16:00
Modified
2024-08-06 13:55
Severity ?
Summary
The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.560Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343506"
          },
          {
            "name": "openSUSE-SU-2016:1833",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
          },
          {
            "name": "openSUSE-SU-2016:1724",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=f4ece8c7c462c5449138f39401f66318b9ab0430"
          },
          {
            "name": "SUSE-SU-2016:1782",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "openSUSE-SU-2016:1748",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
          },
          {
            "name": "SUSE-SU-2016:1784",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
          },
          {
            "name": "SUSE-SU-2016:1783",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html"
          },
          {
            "name": "USN-3131-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3131-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-20T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343506"
        },
        {
          "name": "openSUSE-SU-2016:1833",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
        },
        {
          "name": "openSUSE-SU-2016:1724",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=f4ece8c7c462c5449138f39401f66318b9ab0430"
        },
        {
          "name": "SUSE-SU-2016:1782",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "openSUSE-SU-2016:1748",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
        },
        {
          "name": "SUSE-SU-2016:1784",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
        },
        {
          "name": "SUSE-SU-2016:1783",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html"
        },
        {
          "name": "USN-3131-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3131-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9847",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343506",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343506"
            },
            {
              "name": "openSUSE-SU-2016:1833",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
            },
            {
              "name": "openSUSE-SU-2016:1724",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=f4ece8c7c462c5449138f39401f66318b9ab0430",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=f4ece8c7c462c5449138f39401f66318b9ab0430"
            },
            {
              "name": "SUSE-SU-2016:1782",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "openSUSE-SU-2016:1748",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
            },
            {
              "name": "SUSE-SU-2016:1784",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
            },
            {
              "name": "SUSE-SU-2016:1783",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html"
            },
            {
              "name": "USN-3131-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3131-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9847",
    "datePublished": "2017-03-20T16:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.560Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9830
Vulnerability from cvelistv5
Published
2017-08-07 20:00
Modified
2024-08-06 13:55
Severity ?
Summary
coders/sun.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted sun file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.791Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343486"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=b68b78e2625122d9f6b6d88ba4df7e85b47b556f"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/sun.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted sun file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343486"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=b68b78e2625122d9f6b6d88ba4df7e85b47b556f"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9830",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/sun.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted sun file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343486",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343486"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=b68b78e2625122d9f6b6d88ba4df7e85b47b556f",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=b68b78e2625122d9f6b6d88ba4df7e85b47b556f"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9830",
    "datePublished": "2017-08-07T20:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.791Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14342
Vulnerability from cvelistv5
Published
2017-09-12 17:00
Modified
2024-08-05 19:20
Severity ?
Summary
ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c via a crafted wpg image file.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/650x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:20:41.549Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/650"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c via a crafted wpg image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/650"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14342",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c via a crafted wpg image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/650",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/650"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14342",
    "datePublished": "2017-09-12T17:00:00",
    "dateReserved": "2017-09-12T00:00:00",
    "dateUpdated": "2024-08-05T19:20:41.549Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-3213
Vulnerability from cvelistv5
Published
2022-09-19 17:31
Modified
2024-08-03 01:00
Severity ?
Summary
A heap buffer overflow issue was found in ImageMagick. When an application processes a malformed TIFF file, it could lead to undefined behavior or a crash causing a denial of service.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T01:00:10.859Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126824"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2022-3213"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/1aea203eb36409ce6903b9e41fe7cb70030e8750"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/30ccf9a0da1f47161b5935a95be854fe84e6c2a2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in ImageMagick 7.1.0-47, ImageMagick 6.9.12-62"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A heap buffer overflow issue was found in ImageMagick. When an application processes a malformed TIFF file, it could lead to undefined behavior or a crash causing a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-09-19T17:31:48",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126824"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2022-3213"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/1aea203eb36409ce6903b9e41fe7cb70030e8750"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/30ccf9a0da1f47161b5935a95be854fe84e6c2a2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2022-3213",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ImageMagick",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Fixed in ImageMagick 7.1.0-47, ImageMagick 6.9.12-62"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A heap buffer overflow issue was found in ImageMagick. When an application processes a malformed TIFF file, it could lead to undefined behavior or a crash causing a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2126824",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126824"
            },
            {
              "name": "https://access.redhat.com/security/cve/CVE-2022-3213",
              "refsource": "MISC",
              "url": "https://access.redhat.com/security/cve/CVE-2022-3213"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick6/commit/1aea203eb36409ce6903b9e41fe7cb70030e8750",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick6/commit/1aea203eb36409ce6903b9e41fe7cb70030e8750"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/30ccf9a0da1f47161b5935a95be854fe84e6c2a2",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/30ccf9a0da1f47161b5935a95be854fe84e6c2a2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2022-3213",
    "datePublished": "2022-09-19T17:31:48",
    "dateReserved": "2022-09-14T00:00:00",
    "dateUpdated": "2024-08-03T01:00:10.859Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-7470
Vulnerability from cvelistv5
Published
2018-02-25 07:00
Modified
2024-08-05 06:31
Severity ?
Summary
An issue was discovered in ImageMagick 7.0.7-22 Q16. The IsWEBPImageLossless function in coders/webp.c allows attackers to cause a denial of service (segmentation violation) via a crafted file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:31:03.609Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/998"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-02-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in ImageMagick 7.0.7-22 Q16. The IsWEBPImageLossless function in coders/webp.c allows attackers to cause a denial of service (segmentation violation) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-02-25T07:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/998"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-7470",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in ImageMagick 7.0.7-22 Q16. The IsWEBPImageLossless function in coders/webp.c allows attackers to cause a denial of service (segmentation violation) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/998",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/998"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-7470",
    "datePublished": "2018-02-25T07:00:00",
    "dateReserved": "2018-02-25T00:00:00",
    "dateUpdated": "2024-08-05T06:31:03.609Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-18209
Vulnerability from cvelistv5
Published
2018-03-01 20:00
Modified
2024-08-05 21:13
Severity ?
Summary
In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:13:49.068Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "103218",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/103218"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/790"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-03-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:07",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "103218",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/103218"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/790"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-18209",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "103218",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/103218"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/790",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/790"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-18209",
    "datePublished": "2018-03-01T20:00:00",
    "dateReserved": "2018-03-01T00:00:00",
    "dateUpdated": "2024-08-05T21:13:49.068Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-11625
Vulnerability from cvelistv5
Published
2018-05-31 16:00
Modified
2024-08-05 08:17
Severity ?
Summary
In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via a crafted file.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/1156x_refsource_MISC
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:17:08.409Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1156"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-05-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1156"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-11625",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1156",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1156"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-11625",
    "datePublished": "2018-05-31T16:00:00",
    "dateReserved": "2018-05-31T00:00:00",
    "dateUpdated": "2024-08-05T08:17:08.409Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-13658
Vulnerability from cvelistv5
Published
2017-08-24 06:00
Modified
2024-08-05 19:05
Severity ?
Summary
In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading to a denial of service (assertion failure and application exit) in the DestroyImageInfo function in MagickCore/image.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:05:19.142Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/e5c063a1007506ba69e97a35effcdef944421c89"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870019"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/598"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading to a denial of service (assertion failure and application exit) in the DestroyImageInfo function in MagickCore/image.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:23",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/e5c063a1007506ba69e97a35effcdef944421c89"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870019"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/598"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-13658",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading to a denial of service (assertion failure and application exit) in the DestroyImageInfo function in MagickCore/image.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/e5c063a1007506ba69e97a35effcdef944421c89",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/e5c063a1007506ba69e97a35effcdef944421c89"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870019",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870019"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/598",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/598"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-13658",
    "datePublished": "2017-08-24T06:00:00",
    "dateReserved": "2017-08-23T00:00:00",
    "dateUpdated": "2024-08-05T19:05:19.142Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14531
Vulnerability from cvelistv5
Published
2017-09-18 01:00
Modified
2024-08-05 19:27
Severity ?
Summary
ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in coders/sun.c.
References
http://www.securityfocus.com/bid/100888vdb-entry, x_refsource_BID
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/718x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:27:40.836Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "100888",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100888"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/718"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in coders/sun.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "100888",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100888"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/718"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14531",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in coders/sun.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "100888",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100888"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/718",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/718"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14531",
    "datePublished": "2017-09-18T01:00:00",
    "dateReserved": "2017-09-17T00:00:00",
    "dateUpdated": "2024-08-05T19:27:40.836Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11536
Vulnerability from cvelistv5
Published
2017-07-23 03:00
Modified
2024-08-05 18:12
Severity ?
Summary
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteJP2Image() function in coders/jp2.c.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:40.257Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/567"
          },
          {
            "name": "100000",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100000"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteJP2Image() function in coders/jp2.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-29T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/567"
        },
        {
          "name": "100000",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100000"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11536",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteJP2Image() function in coders/jp2.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/567",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/567"
            },
            {
              "name": "100000",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100000"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11536",
    "datePublished": "2017-07-23T03:00:00",
    "dateReserved": "2017-07-22T00:00:00",
    "dateUpdated": "2024-08-05T18:12:40.257Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12431
Vulnerability from cvelistv5
Published
2017-08-04 10:00
Modified
2024-08-05 18:36
Severity ?
Summary
In ImageMagick 7.0.6-1, a use-after-free vulnerability was found in the function ReadWMFImage in coders/wmf.c, which allows attackers to cause a denial of service.
References
https://github.com/ImageMagick/ImageMagick/issues/555x_refsource_CONFIRM
https://www.debian.org/security/2017/dsa-4040vendor-advisory, x_refsource_DEBIAN
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://www.debian.org/security/2017/dsa-4019vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:36:56.173Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/555"
          },
          {
            "name": "DSA-4040",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4040"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "DSA-4019",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4019"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-1, a use-after-free vulnerability was found in the function ReadWMFImage in coders/wmf.c, which allows attackers to cause a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/555"
        },
        {
          "name": "DSA-4040",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4040"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "DSA-4019",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4019"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12431",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-1, a use-after-free vulnerability was found in the function ReadWMFImage in coders/wmf.c, which allows attackers to cause a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/555",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/555"
            },
            {
              "name": "DSA-4040",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4040"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "DSA-4019",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4019"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12431",
    "datePublished": "2017-08-04T10:00:00",
    "dateReserved": "2017-08-04T00:00:00",
    "dateUpdated": "2024-08-05T18:36:56.173Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-18251
Vulnerability from cvelistv5
Published
2018-03-27 03:00
Modified
2024-08-05 21:13
Severity ?
Summary
An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, which allow remote attackers to cause a denial of service via a crafted file.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/809x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:13:49.216Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/809"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-03-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, which allow remote attackers to cause a denial of service via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/809"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-18251",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, which allow remote attackers to cause a denial of service via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/809",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/809"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-18251",
    "datePublished": "2018-03-27T03:00:00",
    "dateReserved": "2018-03-26T00:00:00",
    "dateUpdated": "2024-08-05T21:13:49.216Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-4298
Vulnerability from cvelistv5
Published
2013-09-10 19:00
Modified
2024-08-06 16:38
Severity ?
Summary
The ReadGIFImage function in coders/gif.c in ImageMagick before 6.7.8-8 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted comment in a GIF image.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:38:02.173Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-1949-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1949-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1218248"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=23921"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721273"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/script/changelog.php"
          },
          {
            "name": "54671",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/54671"
          },
          {
            "name": "54581",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/54581"
          },
          {
            "name": "DSA-2750",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2013/dsa-2750"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-07-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadGIFImage function in coders/gif.c in ImageMagick before 6.7.8-8 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted comment in a GIF image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-09-18T09:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "USN-1949-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1949-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1218248"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=23921"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721273"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.imagemagick.org/script/changelog.php"
        },
        {
          "name": "54671",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/54671"
        },
        {
          "name": "54581",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/54581"
        },
        {
          "name": "DSA-2750",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2013/dsa-2750"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2013-4298",
    "datePublished": "2013-09-10T19:00:00",
    "dateReserved": "2013-06-12T00:00:00",
    "dateUpdated": "2024-08-06T16:38:02.173Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-13133
Vulnerability from cvelistv5
Published
2017-08-23 03:00
Modified
2024-08-05 18:58
Severity ?
Summary
In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service (load_tile memory exhaustion) via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:12.525Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "100479",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100479"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/679"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service (load_tile memory exhaustion) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:34",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "100479",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100479"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/679"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-13133",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service (load_tile memory exhaustion) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "100479",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100479"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/679",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/679"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-13133",
    "datePublished": "2017-08-23T03:00:00",
    "dateReserved": "2017-08-22T00:00:00",
    "dateUpdated": "2024-08-05T18:58:12.525Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-13298
Vulnerability from cvelistv5
Published
2019-07-05 00:51
Modified
2024-08-04 23:49
Severity ?
Summary
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/pixel-accessor.h in SetPixelViaPixelInfo because of a MagickCore/enhance.c error.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:49:24.564Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1611"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/d4fc44b58a14f76b1ac997517d742ee12c9dc5d3"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/pixel-accessor.h in SetPixelViaPixelInfo because of a MagickCore/enhance.c error."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-21T14:06:17",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1611"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/d4fc44b58a14f76b1ac997517d742ee12c9dc5d3"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13298",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/pixel-accessor.h in SetPixelViaPixelInfo because of a MagickCore/enhance.c error."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1611",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1611"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/d4fc44b58a14f76b1ac997517d742ee12c9dc5d3",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/d4fc44b58a14f76b1ac997517d742ee12c9dc5d3"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13298",
    "datePublished": "2019-07-05T00:51:52",
    "dateReserved": "2019-07-04T00:00:00",
    "dateUpdated": "2024-08-04T23:49:24.564Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-34475
Vulnerability from cvelistv5
Published
2023-06-16 00:00
Modified
2024-08-02 16:10
Severity ?
Summary
A heap use after free issue was discovered in ImageMagick's ReplaceXmpValue() function in MagickCore/profile.c. An attacker could trick user to open a specially crafted file to convert, triggering an heap-use-after-free write error, allowing an application to crash, resulting in a denial of service.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T16:10:07.114Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/1061db7f80fdc9ef572ac60b55f408f7bab6e1b0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2214149"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-34475"
          },
          {
            "name": "FEDORA-2023-27548af422",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/"
          },
          {
            "name": "FEDORA-2023-edbdccae2a",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "7.1.1-10"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A heap use after free issue was discovered in ImageMagick\u0027s ReplaceXmpValue() function in MagickCore/profile.c. An attacker could trick user to open a specially crafted file to convert, triggering an heap-use-after-free write error, allowing an application to crash, resulting in a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416 - Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-12T18:54:44.885Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://github.com/ImageMagick/ImageMagick/commit/1061db7f80fdc9ef572ac60b55f408f7bab6e1b0"
        },
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2214149"
        },
        {
          "url": "https://access.redhat.com/security/cve/CVE-2023-34475"
        },
        {
          "name": "FEDORA-2023-27548af422",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/"
        },
        {
          "name": "FEDORA-2023-edbdccae2a",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-34475",
    "datePublished": "2023-06-16T00:00:00",
    "dateReserved": "2023-06-07T00:00:00",
    "dateUpdated": "2024-08-02T16:10:07.114Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10046
Vulnerability from cvelistv5
Published
2017-03-23 17:00
Modified
2024-08-06 03:07
Severity ?
Summary
Heap-based buffer overflow in the DrawImage function in magick/draw.c in ImageMagick before 6.9.5-5 allows remote attackers to cause a denial of service (application crash) via a crafted image file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:07:32.063Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/989f9f88ea6db09b99d25586e912c921c0da8d3f"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410448"
          },
          {
            "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
          },
          {
            "name": "95183",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95183"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in the DrawImage function in magick/draw.c in ImageMagick before 6.9.5-5 allows remote attackers to cause a denial of service (application crash) via a crafted image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-23T16:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/989f9f88ea6db09b99d25586e912c921c0da8d3f"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410448"
        },
        {
          "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
        },
        {
          "name": "95183",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95183"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10046",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in the DrawImage function in magick/draw.c in ImageMagick before 6.9.5-5 allows remote attackers to cause a denial of service (application crash) via a crafted image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/989f9f88ea6db09b99d25586e912c921c0da8d3f",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/989f9f88ea6db09b99d25586e912c921c0da8d3f"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410448",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410448"
            },
            {
              "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
            },
            {
              "name": "95183",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95183"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10046",
    "datePublished": "2017-03-23T17:00:00",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-08-06T03:07:32.063Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7528
Vulnerability from cvelistv5
Published
2017-04-19 14:00
Modified
2024-08-06 02:04
Severity ?
Summary
The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted VIFF file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:04:54.762Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "name": "93226",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93226"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537425"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378760"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/99"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/ca0c886abd6d3ef335eb74150cd23b89ebd17135"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/7be16a280014f895a951db4948df316a23dabc09"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted VIFF file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-13T12:48:37",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "name": "93226",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93226"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537425"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378760"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/99"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/ca0c886abd6d3ef335eb74150cd23b89ebd17135"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/7be16a280014f895a951db4948df316a23dabc09"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-7528",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted VIFF file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "93226",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93226"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537425",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537425"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378760",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378760"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/99",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/99"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/ca0c886abd6d3ef335eb74150cd23b89ebd17135",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/ca0c886abd6d3ef335eb74150cd23b89ebd17135"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/7be16a280014f895a951db4948df316a23dabc09",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/7be16a280014f895a951db4948df316a23dabc09"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-7528",
    "datePublished": "2017-04-19T14:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T02:04:54.762Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2006-3744
Vulnerability from cvelistv5
Published
2006-08-25 01:00
Modified
2024-08-07 18:39
Severity ?
Summary
Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted attackers to execute arbitrary code via crafted Sun Rasterfile (bitmap) images that trigger heap-based buffer overflows.
References
http://secunia.com/advisories/21679third-party-advisory, x_refsource_SECUNIA
http://bugs.gentoo.org/show_bug.cgi?id=144854x_refsource_MISC
http://www.ubuntu.com/usn/usn-340-1vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/21780third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/21671third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/21832third-party-advisory, x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/28574vdb-entry, x_refsource_XF
http://www.novell.com/linux/security/advisories/2006_50_imagemagick.htmlvendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/21615third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2006/dsa-1168vendor-advisory, x_refsource_DEBIAN
https://issues.rpath.com/browse/RPL-605x_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11486vdb-entry, signature, x_refsource_OVAL
http://www.mandriva.com/security/advisories?name=MDKSA-2006:155vendor-advisory, x_refsource_MANDRIVA
http://security.gentoo.org/glsa/glsa-200609-14.xmlvendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/21719third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/22096third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/21621third-party-advisory, x_refsource_SECUNIA
ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.ascvendor-advisory, x_refsource_SGI
http://www.vupen.com/english/advisories/2006/3375vdb-entry, x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2006-0633.htmlvendor-advisory, x_refsource_REDHAT
http://securitytracker.com/id?1016749vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/22036third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/19699vdb-entry, x_refsource_BID
http://www.osvdb.org/28204vdb-entry, x_refsource_OSVDB
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:39:54.011Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "21679",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21679"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=144854"
          },
          {
            "name": "USN-340-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-340-1"
          },
          {
            "name": "21780",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21780"
          },
          {
            "name": "21671",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21671"
          },
          {
            "name": "21832",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21832"
          },
          {
            "name": "imagemagick-rasterfile-bo(28574)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28574"
          },
          {
            "name": "SUSE-SA:2006:050",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2006_50_imagemagick.html"
          },
          {
            "name": "21615",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21615"
          },
          {
            "name": "DSA-1168",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1168"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-605"
          },
          {
            "name": "oval:org.mitre.oval:def:11486",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11486"
          },
          {
            "name": "MDKSA-2006:155",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:155"
          },
          {
            "name": "GLSA-200609-14",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200609-14.xml"
          },
          {
            "name": "21719",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21719"
          },
          {
            "name": "22096",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22096"
          },
          {
            "name": "21621",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21621"
          },
          {
            "name": "20060901-01-P",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc"
          },
          {
            "name": "ADV-2006-3375",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/3375"
          },
          {
            "name": "RHSA-2006:0633",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0633.html"
          },
          {
            "name": "1016749",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016749"
          },
          {
            "name": "22036",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22036"
          },
          {
            "name": "19699",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/19699"
          },
          {
            "name": "28204",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/28204"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-08-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted attackers to execute arbitrary code via crafted Sun Rasterfile (bitmap) images that trigger heap-based buffer overflows."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "21679",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21679"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=144854"
        },
        {
          "name": "USN-340-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-340-1"
        },
        {
          "name": "21780",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21780"
        },
        {
          "name": "21671",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21671"
        },
        {
          "name": "21832",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21832"
        },
        {
          "name": "imagemagick-rasterfile-bo(28574)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28574"
        },
        {
          "name": "SUSE-SA:2006:050",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2006_50_imagemagick.html"
        },
        {
          "name": "21615",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21615"
        },
        {
          "name": "DSA-1168",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1168"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-605"
        },
        {
          "name": "oval:org.mitre.oval:def:11486",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11486"
        },
        {
          "name": "MDKSA-2006:155",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:155"
        },
        {
          "name": "GLSA-200609-14",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200609-14.xml"
        },
        {
          "name": "21719",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21719"
        },
        {
          "name": "22096",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22096"
        },
        {
          "name": "21621",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21621"
        },
        {
          "name": "20060901-01-P",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc"
        },
        {
          "name": "ADV-2006-3375",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/3375"
        },
        {
          "name": "RHSA-2006:0633",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0633.html"
        },
        {
          "name": "1016749",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016749"
        },
        {
          "name": "22036",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22036"
        },
        {
          "name": "19699",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/19699"
        },
        {
          "name": "28204",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/28204"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2006-3744",
    "datePublished": "2006-08-25T01:00:00",
    "dateReserved": "2006-07-20T00:00:00",
    "dateUpdated": "2024-08-07T18:39:54.011Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-8354
Vulnerability from cvelistv5
Published
2017-04-30 17:00
Modified
2024-08-05 16:34
Severity ?
Summary
In ImageMagick 7.0.5-5, the ReadBMPImage function in bmp.c allows attackers to cause a denial of service (memory leak) via a crafted file.
References
https://github.com/ImageMagick/ImageMagick/issues/451x_refsource_CONFIRM
http://www.securityfocus.com/bid/98374vdb-entry, x_refsource_BID
http://www.debian.org/security/2017/dsa-3863vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:34:23.089Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/451"
          },
          {
            "name": "98374",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98374"
          },
          {
            "name": "DSA-3863",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3863"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-04-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-5, the ReadBMPImage function in bmp.c allows attackers to cause a denial of service (memory leak) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/451"
        },
        {
          "name": "98374",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98374"
        },
        {
          "name": "DSA-3863",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3863"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-8354",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-5, the ReadBMPImage function in bmp.c allows attackers to cause a denial of service (memory leak) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/451",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/451"
            },
            {
              "name": "98374",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98374"
            },
            {
              "name": "DSA-3863",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3863"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-8354",
    "datePublished": "2017-04-30T17:00:00",
    "dateReserved": "2017-04-30T00:00:00",
    "dateUpdated": "2024-08-05T16:34:23.089Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-20310
Vulnerability from cvelistv5
Published
2021-05-11 22:30
Modified
2024-08-03 17:37
Severity ?
Summary
A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero ConvertXYZToJzazbz() of MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. The highest threat from this vulnerability is to system availability.
References
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:37:23.635Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946728"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 7.0.11"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero ConvertXYZToJzazbz() of MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. The highest threat from this vulnerability is to system availability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-369",
              "description": "CWE-369",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-05-11T22:30:40",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946728"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2021-20310",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ImageMagick",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "ImageMagick 7.0.11"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero ConvertXYZToJzazbz() of MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. The highest threat from this vulnerability is to system availability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-369"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1946728",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946728"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2021-20310",
    "datePublished": "2021-05-11T22:30:40",
    "dateReserved": "2020-12-17T00:00:00",
    "dateUpdated": "2024-08-03T17:37:23.635Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-19949
Vulnerability from cvelistv5
Published
2019-12-24 00:06
Modified
2024-08-05 02:32
Severity ?
Summary
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:32:10.047Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1561"
          },
          {
            "name": "[debian-lts-announce] 20191229 [SECURITY] [DLA 2049-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html"
          },
          {
            "name": "openSUSE-SU-2020:0170",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          },
          {
            "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
          },
          {
            "name": "USN-4549-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4549-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-30T19:06:32",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1561"
        },
        {
          "name": "[debian-lts-announce] 20191229 [SECURITY] [DLA 2049-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html"
        },
        {
          "name": "openSUSE-SU-2020:0170",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        },
        {
          "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
        },
        {
          "name": "USN-4549-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4549-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-19949",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1561",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1561"
            },
            {
              "name": "[debian-lts-announce] 20191229 [SECURITY] [DLA 2049-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html"
            },
            {
              "name": "openSUSE-SU-2020:0170",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            },
            {
              "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
            },
            {
              "name": "USN-4549-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4549-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-19949",
    "datePublished": "2019-12-24T00:06:26",
    "dateReserved": "2019-12-24T00:00:00",
    "dateUpdated": "2024-08-05T02:32:10.047Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-32546
Vulnerability from cvelistv5
Published
2022-06-16 00:00
Modified
2024-08-03 07:46
Severity ?
Summary
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T07:46:44.812Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091812"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/f221ea0fa3171f0f4fdf74ac9d81b203b9534c23"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/29c8abce0da56b536542f76a9ddfebdaab5b2943"
          },
          {
            "name": "[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in ImageMagick 6.9.12-44, ImageMagick 7.1.0-29"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in ImageMagick, causing an outside the range of representable values of type \u0027unsigned long\u0027 at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190 - Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-22T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091812"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick/commit/f221ea0fa3171f0f4fdf74ac9d81b203b9534c23"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/29c8abce0da56b536542f76a9ddfebdaab5b2943"
        },
        {
          "name": "[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2022-32546",
    "datePublished": "2022-06-16T00:00:00",
    "dateReserved": "2022-06-08T00:00:00",
    "dateUpdated": "2024-08-03T07:46:44.812Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12430
Vulnerability from cvelistv5
Published
2017-08-04 10:00
Modified
2024-08-05 18:36
Severity ?
Summary
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:36:56.439Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "100157",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100157"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/546"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:28",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "100157",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100157"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/546"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12430",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "100157",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100157"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/546",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/546"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12430",
    "datePublished": "2017-08-04T10:00:00",
    "dateReserved": "2017-08-04T00:00:00",
    "dateUpdated": "2024-08-05T18:36:56.439Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14326
Vulnerability from cvelistv5
Published
2017-09-12 08:00
Modified
2024-08-05 19:20
Severity ?
Summary
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file.
References
https://github.com/ImageMagick/ImageMagick/issues/740x_refsource_CONFIRM
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:20:41.395Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/740"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/740"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14326",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/740",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/740"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14326",
    "datePublished": "2017-09-12T08:00:00",
    "dateReserved": "2017-09-12T00:00:00",
    "dateUpdated": "2024-08-05T19:20:41.395Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-1610
Vulnerability from cvelistv5
Published
2012-06-05 22:00
Modified
2024-08-06 19:01
Severity ?
Summary
Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service (out-of-bounds read) via a large component count for certain EXIF tags in a JPEG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0259.
References
http://secunia.com/advisories/55035third-party-advisory, x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.htmlvendor-advisory, x_refsource_SUSE
http://www.openwall.com/lists/oss-security/2012/04/04/6mailing-list, x_refsource_MLIST
http://secunia.com/advisories/49043third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2012/dsa-2462vendor-advisory, x_refsource_DEBIAN
http://www.osvdb.org/81024vdb-entry, x_refsource_OSVDB
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0259x_refsource_MISC
http://www.securityfocus.com/bid/52898vdb-entry, x_refsource_BID
http://ubuntu.com/usn/usn-1435-1vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/48974third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/49317third-party-advisory, x_refsource_SECUNIA
http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20629x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/74660vdb-entry, x_refsource_XF
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T19:01:02.658Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "55035",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/55035"
          },
          {
            "name": "openSUSE-SU-2012:0692",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html"
          },
          {
            "name": "[oss-security] 20120404 CVE-2012-1610 assignment notification: ImageMagick insufficient patch  for CVE-2012-0259",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2012/04/04/6"
          },
          {
            "name": "49043",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49043"
          },
          {
            "name": "DSA-2462",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2462"
          },
          {
            "name": "81024",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/81024"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0259"
          },
          {
            "name": "52898",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/52898"
          },
          {
            "name": "USN-1435-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-1435-1"
          },
          {
            "name": "48974",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48974"
          },
          {
            "name": "49317",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49317"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=20629"
          },
          {
            "name": "imagemagick-getexifproperty-dos(74660)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74660"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-04-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service (out-of-bounds read) via a large component count for certain EXIF tags in a JPEG image.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0259."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "55035",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/55035"
        },
        {
          "name": "openSUSE-SU-2012:0692",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html"
        },
        {
          "name": "[oss-security] 20120404 CVE-2012-1610 assignment notification: ImageMagick insufficient patch  for CVE-2012-0259",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2012/04/04/6"
        },
        {
          "name": "49043",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49043"
        },
        {
          "name": "DSA-2462",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2462"
        },
        {
          "name": "81024",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/81024"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0259"
        },
        {
          "name": "52898",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/52898"
        },
        {
          "name": "USN-1435-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-1435-1"
        },
        {
          "name": "48974",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48974"
        },
        {
          "name": "49317",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49317"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=20629"
        },
        {
          "name": "imagemagick-getexifproperty-dos(74660)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74660"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2012-1610",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service (out-of-bounds read) via a large component count for certain EXIF tags in a JPEG image.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0259."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "55035",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/55035"
            },
            {
              "name": "openSUSE-SU-2012:0692",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html"
            },
            {
              "name": "[oss-security] 20120404 CVE-2012-1610 assignment notification: ImageMagick insufficient patch  for CVE-2012-0259",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2012/04/04/6"
            },
            {
              "name": "49043",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/49043"
            },
            {
              "name": "DSA-2462",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2462"
            },
            {
              "name": "81024",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/81024"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0259",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0259"
            },
            {
              "name": "52898",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/52898"
            },
            {
              "name": "USN-1435-1",
              "refsource": "UBUNTU",
              "url": "http://ubuntu.com/usn/usn-1435-1"
            },
            {
              "name": "48974",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48974"
            },
            {
              "name": "49317",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/49317"
            },
            {
              "name": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=20629",
              "refsource": "CONFIRM",
              "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=4\u0026t=20629"
            },
            {
              "name": "imagemagick-getexifproperty-dos(74660)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74660"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2012-1610",
    "datePublished": "2012-06-05T22:00:00",
    "dateReserved": "2012-03-12T00:00:00",
    "dateUpdated": "2024-08-06T19:01:02.658Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9845
Vulnerability from cvelistv5
Published
2017-03-20 16:00
Modified
2024-08-06 13:55
Severity ?
Summary
The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.580Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343503"
          },
          {
            "name": "openSUSE-SU-2016:2073",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html"
          },
          {
            "name": "openSUSE-SU-2016:1833",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
          },
          {
            "name": "openSUSE-SU-2016:3060",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00028.html"
          },
          {
            "name": "openSUSE-SU-2016:1724",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=a7a7fd3ce95b7b8efb0ce1ce40f43dbbd20d8e03"
          },
          {
            "name": "SUSE-SU-2016:1782",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "openSUSE-SU-2016:1748",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
          },
          {
            "name": "SUSE-SU-2016:1784",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
          },
          {
            "name": "SUSE-SU-2016:1783",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html"
          },
          {
            "name": "USN-3131-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3131-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-20T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343503"
        },
        {
          "name": "openSUSE-SU-2016:2073",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html"
        },
        {
          "name": "openSUSE-SU-2016:1833",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
        },
        {
          "name": "openSUSE-SU-2016:3060",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00028.html"
        },
        {
          "name": "openSUSE-SU-2016:1724",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=a7a7fd3ce95b7b8efb0ce1ce40f43dbbd20d8e03"
        },
        {
          "name": "SUSE-SU-2016:1782",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "openSUSE-SU-2016:1748",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
        },
        {
          "name": "SUSE-SU-2016:1784",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
        },
        {
          "name": "SUSE-SU-2016:1783",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html"
        },
        {
          "name": "USN-3131-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3131-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9845",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343503",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343503"
            },
            {
              "name": "openSUSE-SU-2016:2073",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html"
            },
            {
              "name": "openSUSE-SU-2016:1833",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
            },
            {
              "name": "openSUSE-SU-2016:3060",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00028.html"
            },
            {
              "name": "openSUSE-SU-2016:1724",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=a7a7fd3ce95b7b8efb0ce1ce40f43dbbd20d8e03",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=a7a7fd3ce95b7b8efb0ce1ce40f43dbbd20d8e03"
            },
            {
              "name": "SUSE-SU-2016:1782",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "openSUSE-SU-2016:1748",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
            },
            {
              "name": "SUSE-SU-2016:1784",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
            },
            {
              "name": "SUSE-SU-2016:1783",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html"
            },
            {
              "name": "USN-3131-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3131-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9845",
    "datePublished": "2017-03-20T16:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.580Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12418
Vulnerability from cvelistv5
Published
2017-08-04 00:00
Modified
2024-08-05 18:36
Severity ?
Summary
ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c.
References
https://github.com/ImageMagick/ImageMagick/issues/643x_refsource_CONFIRM
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://security.gentoo.org/glsa/201711-07vendor-advisory, x_refsource_GENTOO
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:36:56.183Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/643"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/643"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12418",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/643",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/643"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12418",
    "datePublished": "2017-08-04T00:00:00",
    "dateReserved": "2017-08-03T00:00:00",
    "dateUpdated": "2024-08-05T18:36:56.183Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-8897
Vulnerability from cvelistv5
Published
2017-03-15 19:00
Modified
2024-08-06 08:29
Severity ?
Summary
The SpliceImage function in MagickCore/transform.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (application crash) via a crafted png file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:29:22.038Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2016:1237",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2016:1237"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/7b1cf5784b5bcd85aa9293ecf56769f68c037231"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=28466"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "91030",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91030"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The SpliceImage function in MagickCore/transform.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (application crash) via a crafted png file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-05-17T16:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2016:1237",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2016:1237"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/7b1cf5784b5bcd85aa9293ecf56769f68c037231"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=28466"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "91030",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/91030"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8897",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The SpliceImage function in MagickCore/transform.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (application crash) via a crafted png file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2016:1237",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2016:1237"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/7b1cf5784b5bcd85aa9293ecf56769f68c037231",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/7b1cf5784b5bcd85aa9293ecf56769f68c037231"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
            },
            {
              "name": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=28466",
              "refsource": "CONFIRM",
              "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=28466"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "91030",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/91030"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8897",
    "datePublished": "2017-03-15T19:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T08:29:22.038Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-18023
Vulnerability from cvelistv5
Published
2018-10-07 18:00
Modified
2024-08-05 11:01
Severity ?
Summary
In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the SVGStripString function of coders/svg.c, which allows attackers to cause a denial of service via a crafted SVG image file.
References
https://github.com/ImageMagick/ImageMagick/issues/1336x_refsource_MISC
https://usn.ubuntu.com/4034-1/vendor-advisory, x_refsource_UBUNTU
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T11:01:14.787Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1336"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-10-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the SVGStripString function of coders/svg.c, which allows attackers to cause a denial of service via a crafted SVG image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-06-25T14:06:14",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1336"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-18023",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the SVGStripString function of coders/svg.c, which allows attackers to cause a denial of service via a crafted SVG image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1336",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1336"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-18023",
    "datePublished": "2018-10-07T18:00:00",
    "dateReserved": "2018-10-07T00:00:00",
    "dateUpdated": "2024-08-05T11:01:14.787Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12667
Vulnerability from cvelistv5
Published
2017-08-07 21:00
Modified
2024-08-05 18:43
Severity ?
Summary
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMATImage in coders\mat.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:56.440Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/553"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/bfb7915d4b2e11acb6a819e451c382dc645277db"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMATImage in coders\\mat.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-08T16:39:59",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/553"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/bfb7915d4b2e11acb6a819e451c382dc645277db"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12667",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMATImage in coders\\mat.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/553",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/553"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/bfb7915d4b2e11acb6a819e451c382dc645277db",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/bfb7915d4b2e11acb6a819e451c382dc645277db"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12667",
    "datePublished": "2017-08-07T21:00:00",
    "dateReserved": "2017-08-07T00:00:00",
    "dateUpdated": "2024-08-05T18:43:56.440Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14624
Vulnerability from cvelistv5
Published
2017-09-21 05:00
Modified
2024-08-05 19:34
Severity ?
Summary
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:34:39.339Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "100940",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100940"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/722"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:40",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "100940",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100940"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/722"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14624",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "100940",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100940"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/722",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/722"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14624",
    "datePublished": "2017-09-21T05:00:00",
    "dateReserved": "2017-09-21T00:00:00",
    "dateUpdated": "2024-08-05T19:34:39.339Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-5358
Vulnerability from cvelistv5
Published
2018-01-12 09:00
Modified
2024-08-05 05:33
Severity ?
Summary
ImageMagick 7.0.7-22 Q16 has memory leaks in the EncodeImageAttributes function in coders/json.c, as demonstrated by the ReadPSDLayersInternal function in coders/psd.c.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/939x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T05:33:44.158Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/939"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-01-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.7-22 Q16 has memory leaks in the EncodeImageAttributes function in coders/json.c, as demonstrated by the ReadPSDLayersInternal function in coders/psd.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/939"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-5358",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.7-22 Q16 has memory leaks in the EncodeImageAttributes function in coders/json.c, as demonstrated by the ReadPSDLayersInternal function in coders/psd.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/939",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/939"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-5358",
    "datePublished": "2018-01-12T09:00:00",
    "dateReserved": "2018-01-12T00:00:00",
    "dateUpdated": "2024-08-05T05:33:44.158Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-9133
Vulnerability from cvelistv5
Published
2018-03-30 08:00
Modified
2024-08-05 07:17
Severity ?
Summary
ImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLabImage and EncodeLabImage functions (coders/tiff.c), which results in a hang (tens of minutes) with a tiny PoC file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tiff file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:17:51.240Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1072"
          },
          {
            "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-03-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLabImage and EncodeLabImage functions (coders/tiff.c), which results in a hang (tens of minutes) with a tiny PoC file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tiff file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-19T01:06:16",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1072"
        },
        {
          "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-9133",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLabImage and EncodeLabImage functions (coders/tiff.c), which results in a hang (tens of minutes) with a tiny PoC file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tiff file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1072",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1072"
            },
            {
              "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-9133",
    "datePublished": "2018-03-30T08:00:00",
    "dateReserved": "2018-03-30T00:00:00",
    "dateUpdated": "2024-08-05T07:17:51.240Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10053
Vulnerability from cvelistv5
Published
2017-03-23 17:00
Modified
2024-08-06 03:07
Severity ?
Summary
The WriteTIFFImage function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:07:32.128Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/f983dcdf9c178e0cbc49608a78713c5669aa1bb5"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410461"
          },
          {
            "name": "95179",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95179"
          },
          {
            "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/728dc6a600cf4cbdac846964c85cc04339db8ac1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The WriteTIFFImage function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-13T21:34:38",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/f983dcdf9c178e0cbc49608a78713c5669aa1bb5"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410461"
        },
        {
          "name": "95179",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95179"
        },
        {
          "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/728dc6a600cf4cbdac846964c85cc04339db8ac1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10053",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The WriteTIFFImage function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/f983dcdf9c178e0cbc49608a78713c5669aa1bb5",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/f983dcdf9c178e0cbc49608a78713c5669aa1bb5"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410461",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410461"
            },
            {
              "name": "95179",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95179"
            },
            {
              "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/728dc6a600cf4cbdac846964c85cc04339db8ac1",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/728dc6a600cf4cbdac846964c85cc04339db8ac1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10053",
    "datePublished": "2017-03-23T17:00:00",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-08-06T03:07:32.128Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-18252
Vulnerability from cvelistv5
Published
2018-03-27 03:00
Modified
2024-08-05 21:13
Severity ?
Summary
An issue was discovered in ImageMagick 7.0.7. The MogrifyImageList function in MagickWand/mogrify.c allows attackers to cause a denial of service (assertion failure and application exit in ReplaceImageInList) via a crafted file.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/802x_refsource_CONFIRM
https://lists.debian.org/debian-lts-announce/2020/08/msg00030.htmlmailing-list, x_refsource_MLIST
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:13:49.221Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/802"
          },
          {
            "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-03-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in ImageMagick 7.0.7. The MogrifyImageList function in MagickWand/mogrify.c allows attackers to cause a denial of service (assertion failure and application exit in ReplaceImageInList) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-19T01:06:17",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/802"
        },
        {
          "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-18252",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in ImageMagick 7.0.7. The MogrifyImageList function in MagickWand/mogrify.c allows attackers to cause a denial of service (assertion failure and application exit in ReplaceImageInList) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/802",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/802"
            },
            {
              "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-18252",
    "datePublished": "2018-03-27T03:00:00",
    "dateReserved": "2018-03-26T00:00:00",
    "dateUpdated": "2024-08-05T21:13:49.221Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-1186
Vulnerability from cvelistv5
Published
2012-06-05 22:00
Modified
2024-08-06 18:53
Severity ?
Summary
Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in the IFD in an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0248.
References
http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.htmlvendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/49043third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2012/dsa-2462vendor-advisory, x_refsource_DEBIAN
http://www.securityfocus.com/bid/51957vdb-entry, x_refsource_BID
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1186x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/76139vdb-entry, x_refsource_XF
http://www.openwall.com/lists/oss-security/2012/03/19/5mailing-list, x_refsource_MLIST
http://trac.imagemagick.org/changeset/6998/ImageMagick/branches/ImageMagick-6.7.5/magick/profile.cx_refsource_CONFIRM
http://secunia.com/advisories/47926third-party-advisory, x_refsource_SECUNIA
http://ubuntu.com/usn/usn-1435-1vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/48974third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/49317third-party-advisory, x_refsource_SECUNIA
http://www.osvdb.org/80555vdb-entry, x_refsource_OSVDB
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T18:53:36.091Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "openSUSE-SU-2012:0692",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html"
          },
          {
            "name": "49043",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49043"
          },
          {
            "name": "DSA-2462",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2462"
          },
          {
            "name": "51957",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/51957"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1186"
          },
          {
            "name": "imagemagick-syncimageprofiles-dos(76139)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76139"
          },
          {
            "name": "[oss-security] 20120319 Subject: CVE-2012-1185 / CVE-2012-1186 assignment notification - incomplete  ImageMagick fixes for CVE-2012-0247 / CVE-2012-0248",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2012/03/19/5"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://trac.imagemagick.org/changeset/6998/ImageMagick/branches/ImageMagick-6.7.5/magick/profile.c"
          },
          {
            "name": "47926",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/47926"
          },
          {
            "name": "USN-1435-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-1435-1"
          },
          {
            "name": "48974",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48974"
          },
          {
            "name": "49317",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49317"
          },
          {
            "name": "80555",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/80555"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-02-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in the IFD in an image.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0248."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "openSUSE-SU-2012:0692",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html"
        },
        {
          "name": "49043",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49043"
        },
        {
          "name": "DSA-2462",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2462"
        },
        {
          "name": "51957",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/51957"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1186"
        },
        {
          "name": "imagemagick-syncimageprofiles-dos(76139)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76139"
        },
        {
          "name": "[oss-security] 20120319 Subject: CVE-2012-1185 / CVE-2012-1186 assignment notification - incomplete  ImageMagick fixes for CVE-2012-0247 / CVE-2012-0248",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2012/03/19/5"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://trac.imagemagick.org/changeset/6998/ImageMagick/branches/ImageMagick-6.7.5/magick/profile.c"
        },
        {
          "name": "47926",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/47926"
        },
        {
          "name": "USN-1435-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-1435-1"
        },
        {
          "name": "48974",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48974"
        },
        {
          "name": "49317",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49317"
        },
        {
          "name": "80555",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/80555"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2012-1186",
    "datePublished": "2012-06-05T22:00:00",
    "dateReserved": "2012-02-14T00:00:00",
    "dateUpdated": "2024-08-06T18:53:36.091Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-18853
Vulnerability from cvelistv5
Published
2019-11-11 14:36
Modified
2024-08-05 02:02
Severity ?
Summary
ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because XML_PARSE_HUGE is not properly restricted in coders/svg.c, related to SVG and libxml2.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:02:39.664Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://fortiguard.com/zeroday/FG-VD-19-136"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/ec9c8944af2bfc65c697ca44f93a727a99b405f1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because XML_PARSE_HUGE is not properly restricted in coders/svg.c, related to SVG and libxml2."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-11-11T14:36:15",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://fortiguard.com/zeroday/FG-VD-19-136"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/ec9c8944af2bfc65c697ca44f93a727a99b405f1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-18853",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because XML_PARSE_HUGE is not properly restricted in coders/svg.c, related to SVG and libxml2."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://fortiguard.com/zeroday/FG-VD-19-136",
              "refsource": "MISC",
              "url": "https://fortiguard.com/zeroday/FG-VD-19-136"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/ec9c8944af2bfc65c697ca44f93a727a99b405f1",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/ec9c8944af2bfc65c697ca44f93a727a99b405f1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-18853",
    "datePublished": "2019-11-11T14:36:15",
    "dateReserved": "2019-11-11T00:00:00",
    "dateUpdated": "2024-08-05T02:02:39.664Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-29599
Vulnerability from cvelistv5
Published
2020-12-07 00:00
Modified
2024-08-04 16:55
Severity ?
Summary
ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell commands via coders/pdf.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:55:10.634Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://insert-script.blogspot.com/2020/11/imagemagick-shell-injection-via-pdf.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/discussions/2851"
          },
          {
            "name": "[debian-lts-announce] 20210112 [SECURITY] [DLA 2523-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html"
          },
          {
            "name": "GLSA-202101-36",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202101-36"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell commands via coders/pdf.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://insert-script.blogspot.com/2020/11/imagemagick-shell-injection-via-pdf.html"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick/discussions/2851"
        },
        {
          "name": "[debian-lts-announce] 20210112 [SECURITY] [DLA 2523-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html"
        },
        {
          "name": "GLSA-202101-36",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202101-36"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-29599",
    "datePublished": "2020-12-07T00:00:00",
    "dateReserved": "2020-12-07T00:00:00",
    "dateUpdated": "2024-08-04T16:55:10.634Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-8347
Vulnerability from cvelistv5
Published
2017-04-30 17:00
Modified
2024-08-05 16:34
Severity ?
Summary
In ImageMagick 7.0.5-5, the ReadEXRImage function in exr.c allows attackers to cause a denial of service (memory leak) via a crafted file.
References
https://github.com/ImageMagick/ImageMagick/issues/441x_refsource_CONFIRM
http://www.securityfocus.com/bid/98363vdb-entry, x_refsource_BID
http://www.debian.org/security/2017/dsa-3863vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:34:22.566Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/441"
          },
          {
            "name": "98363",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98363"
          },
          {
            "name": "DSA-3863",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3863"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-04-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-5, the ReadEXRImage function in exr.c allows attackers to cause a denial of service (memory leak) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/441"
        },
        {
          "name": "98363",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98363"
        },
        {
          "name": "DSA-3863",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3863"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-8347",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-5, the ReadEXRImage function in exr.c allows attackers to cause a denial of service (memory leak) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/441",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/441"
            },
            {
              "name": "98363",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98363"
            },
            {
              "name": "DSA-3863",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3863"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-8347",
    "datePublished": "2017-04-30T17:00:00",
    "dateReserved": "2017-04-30T00:00:00",
    "dateUpdated": "2024-08-05T16:34:22.566Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-20311
Vulnerability from cvelistv5
Published
2021-05-11 22:30
Modified
2024-08-03 17:37
Severity ?
Summary
A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero in sRGBTransformImage() in the MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker processed by an application using ImageMagick. The highest threat from this vulnerability is to system availability.
References
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:37:23.623Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946739"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 7.0.11"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero in sRGBTransformImage() in the MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker processed by an application using ImageMagick. The highest threat from this vulnerability is to system availability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-369",
              "description": "CWE-369",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-05-11T22:30:47",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946739"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2021-20311",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ImageMagick",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "ImageMagick 7.0.11"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero in sRGBTransformImage() in the MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker processed by an application using ImageMagick. The highest threat from this vulnerability is to system availability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-369"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1946739",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946739"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2021-20311",
    "datePublished": "2021-05-11T22:30:47",
    "dateReserved": "2020-12-17T00:00:00",
    "dateUpdated": "2024-08-03T17:37:23.623Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9849
Vulnerability from cvelistv5
Published
2017-03-20 16:00
Modified
2024-08-06 13:55
Severity ?
Summary
The png coder in ImageMagick allows remote attackers to cause a denial of service (crash).
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.615Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "openSUSE-SU-2016:1833",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
          },
          {
            "name": "SUSE-SU-2016:1782",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "openSUSE-SU-2016:1748",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
          },
          {
            "name": "SUSE-SU-2016:1784",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343509"
          },
          {
            "name": "USN-3131-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3131-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The png coder in ImageMagick allows remote attackers to cause a denial of service (crash)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-20T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "openSUSE-SU-2016:1833",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
        },
        {
          "name": "SUSE-SU-2016:1782",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "openSUSE-SU-2016:1748",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
        },
        {
          "name": "SUSE-SU-2016:1784",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343509"
        },
        {
          "name": "USN-3131-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3131-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9849",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The png coder in ImageMagick allows remote attackers to cause a denial of service (crash)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "openSUSE-SU-2016:1833",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
            },
            {
              "name": "SUSE-SU-2016:1782",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "openSUSE-SU-2016:1748",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
            },
            {
              "name": "SUSE-SU-2016:1784",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343509",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343509"
            },
            {
              "name": "USN-3131-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3131-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9849",
    "datePublished": "2017-03-20T16:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.615Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-19948
Vulnerability from cvelistv5
Published
2019-12-24 00:07
Modified
2024-08-05 02:32
Severity ?
Summary
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:32:10.499Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1562"
          },
          {
            "name": "[debian-lts-announce] 20191229 [SECURITY] [DLA 2049-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html"
          },
          {
            "name": "openSUSE-SU-2020:0170",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          },
          {
            "name": "DSA-4715",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4715"
          },
          {
            "name": "USN-4549-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4549-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-30T19:06:33",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1562"
        },
        {
          "name": "[debian-lts-announce] 20191229 [SECURITY] [DLA 2049-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html"
        },
        {
          "name": "openSUSE-SU-2020:0170",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        },
        {
          "name": "DSA-4715",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4715"
        },
        {
          "name": "USN-4549-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4549-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-19948",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1562",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1562"
            },
            {
              "name": "[debian-lts-announce] 20191229 [SECURITY] [DLA 2049-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html"
            },
            {
              "name": "openSUSE-SU-2020:0170",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            },
            {
              "name": "DSA-4715",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4715"
            },
            {
              "name": "USN-4549-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4549-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-19948",
    "datePublished": "2019-12-24T00:07:19",
    "dateReserved": "2019-12-24T00:00:00",
    "dateUpdated": "2024-08-05T02:32:10.499Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14341
Vulnerability from cvelistv5
Published
2017-09-12 17:00
Modified
2024-08-05 19:20
Severity ?
Summary
ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in coders/wpg.c, causing CPU exhaustion via a crafted wpg image file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:20:41.474Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/654"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/7d63315a64267c565d1f34b9cb523a14616fed24"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in coders/wpg.c, causing CPU exhaustion via a crafted wpg image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-07T20:41:27",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/654"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/7d63315a64267c565d1f34b9cb523a14616fed24"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14341",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in coders/wpg.c, causing CPU exhaustion via a crafted wpg image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/654",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/654"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/7d63315a64267c565d1f34b9cb523a14616fed24",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/7d63315a64267c565d1f34b9cb523a14616fed24"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14341",
    "datePublished": "2017-09-12T17:00:00",
    "dateReserved": "2017-09-12T00:00:00",
    "dateUpdated": "2024-08-05T19:20:41.474Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12669
Vulnerability from cvelistv5
Published
2017-08-07 21:00
Modified
2024-08-05 18:43
Severity ?
Summary
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteCALSImage in coders/cals.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:56.455Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/571"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/73b6c35cede48ccb2e29dbe62c2d77488e5e70b7"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteCALSImage in coders/cals.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-08T16:29:53",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/571"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/73b6c35cede48ccb2e29dbe62c2d77488e5e70b7"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12669",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteCALSImage in coders/cals.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/571",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/571"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/73b6c35cede48ccb2e29dbe62c2d77488e5e70b7",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/73b6c35cede48ccb2e29dbe62c2d77488e5e70b7"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12669",
    "datePublished": "2017-08-07T21:00:00",
    "dateReserved": "2017-08-07T00:00:00",
    "dateUpdated": "2024-08-05T18:43:56.455Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10070
Vulnerability from cvelistv5
Published
2017-03-03 18:00
Modified
2024-08-06 03:07
Severity ?
Summary
Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:07:32.118Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545366"
          },
          {
            "name": "openSUSE-SU-2017:0391",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
          },
          {
            "name": "95221",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95221"
          },
          {
            "name": "openSUSE-SU-2017:0399",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/b173a352397877775c51c9a0e9d59eb6ce24c455"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410510"
          },
          {
            "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/a6240a163cb787909703d9fc649cf861f60ddd7c"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-13T12:32:05",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545366"
        },
        {
          "name": "openSUSE-SU-2017:0391",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
        },
        {
          "name": "95221",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95221"
        },
        {
          "name": "openSUSE-SU-2017:0399",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/b173a352397877775c51c9a0e9d59eb6ce24c455"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410510"
        },
        {
          "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/a6240a163cb787909703d9fc649cf861f60ddd7c"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10070",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545366",
              "refsource": "MISC",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545366"
            },
            {
              "name": "openSUSE-SU-2017:0391",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
            },
            {
              "name": "95221",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95221"
            },
            {
              "name": "openSUSE-SU-2017:0399",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/b173a352397877775c51c9a0e9d59eb6ce24c455",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/b173a352397877775c51c9a0e9d59eb6ce24c455"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410510",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410510"
            },
            {
              "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/a6240a163cb787909703d9fc649cf861f60ddd7c",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/a6240a163cb787909703d9fc649cf861f60ddd7c"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10070",
    "datePublished": "2017-03-03T18:00:00",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-08-06T03:07:32.118Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-12975
Vulnerability from cvelistv5
Published
2019-06-26 17:08
Modified
2024-08-04 23:41
Severity ?
Summary
ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.
References
https://github.com/ImageMagick/ImageMagick/issues/1517x_refsource_MISC
http://www.securityfocus.com/bid/108913vdb-entry, x_refsource_BID
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.htmlvendor-advisory, x_refsource_SUSE
https://usn.ubuntu.com/4192-1/vendor-advisory, x_refsource_UBUNTU
https://www.debian.org/security/2020/dsa-4712vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:41:09.961Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1517"
          },
          {
            "name": "108913",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108913"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-01T11:06:31",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1517"
        },
        {
          "name": "108913",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108913"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-12975",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1517",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1517"
            },
            {
              "name": "108913",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108913"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-12975",
    "datePublished": "2019-06-26T17:08:07",
    "dateReserved": "2019-06-26T00:00:00",
    "dateUpdated": "2024-08-04T23:41:09.961Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-1000445
Vulnerability from cvelistv5
Published
2018-01-02 15:00
Modified
2024-08-05 22:00
Severity ?
Summary
ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:00:41.485Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "102368",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102368"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/775"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "[debian-lts-announce] 20180104 [SECURITY] [DLA 1229-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00002.html"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "dateAssigned": "2017-12-29T00:00:00",
      "datePublic": "2017-09-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:38",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "102368",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102368"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/775"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "[debian-lts-announce] 20180104 [SECURITY] [DLA 1229-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00002.html"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "DATE_ASSIGNED": "2017-12-29",
          "ID": "CVE-2017-1000445",
          "REQUESTER": "viennadd@gmail.com",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "102368",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102368"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/775",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/775"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "[debian-lts-announce] 20180104 [SECURITY] [DLA 1229-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00002.html"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-1000445",
    "datePublished": "2018-01-02T15:00:00",
    "dateReserved": "2018-01-02T00:00:00",
    "dateUpdated": "2024-08-05T22:00:41.485Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-7606
Vulnerability from cvelistv5
Published
2017-04-09 14:00
Modified
2024-08-05 16:04
Severity ?
Summary
coders/rle.c in ImageMagick 7.0.5-4 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:04:12.054Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "98685",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98685"
          },
          {
            "name": "DSA-3863",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3863"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://blogs.gentoo.org/ago/2017/04/02/imagemagick-undefined-behavior-in-codersrle-c/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-04-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/rle.c in ImageMagick 7.0.5-4 has an \"outside the range of representable values of type unsigned char\" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "98685",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98685"
        },
        {
          "name": "DSA-3863",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3863"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://blogs.gentoo.org/ago/2017/04/02/imagemagick-undefined-behavior-in-codersrle-c/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-7606",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/rle.c in ImageMagick 7.0.5-4 has an \"outside the range of representable values of type unsigned char\" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "98685",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98685"
            },
            {
              "name": "DSA-3863",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3863"
            },
            {
              "name": "https://blogs.gentoo.org/ago/2017/04/02/imagemagick-undefined-behavior-in-codersrle-c/",
              "refsource": "MISC",
              "url": "https://blogs.gentoo.org/ago/2017/04/02/imagemagick-undefined-behavior-in-codersrle-c/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-7606",
    "datePublished": "2017-04-09T14:00:00",
    "dateReserved": "2017-04-09T00:00:00",
    "dateUpdated": "2024-08-05T16:04:12.054Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27775
Vulnerability from cvelistv5
Published
2020-12-04 00:00
Modified
2024-08-04 16:25
Severity ?
Summary
A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:25:42.909Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898300"
          },
          {
            "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 7.0.9-0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898300"
        },
        {
          "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27775",
    "datePublished": "2020-12-04T00:00:00",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:25:42.909Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-5688
Vulnerability from cvelistv5
Published
2016-12-13 15:00
Modified
2024-08-06 01:07
Severity ?
Summary
The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex function or an invalid write operation in the (2) ScaleCharToQuantum or (3) SetPixelIndex functions.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:07:59.968Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commits/7.0.1-5"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commits/6.9.4-4"
          },
          {
            "name": "91283",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91283"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG%2C-DDS%2C-DCM.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/aecd0ada163a4d6c769cec178955d5f3e9316f2f"
          },
          {
            "name": "[oss-security] 20160617 Re: Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/17/3"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/fc43974d34318c834fbf78570ca1a3764ed8c7d7"
          },
          {
            "name": "[oss-security] 20160614 Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/14/5"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex function or an invalid write operation in the (2) ScaleCharToQuantum or (3) SetPixelIndex functions."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-13T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commits/7.0.1-5"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commits/6.9.4-4"
        },
        {
          "name": "91283",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/91283"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG%2C-DDS%2C-DCM.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/aecd0ada163a4d6c769cec178955d5f3e9316f2f"
        },
        {
          "name": "[oss-security] 20160617 Re: Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/17/3"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/fc43974d34318c834fbf78570ca1a3764ed8c7d7"
        },
        {
          "name": "[oss-security] 20160614 Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/14/5"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-5688",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex function or an invalid write operation in the (2) ScaleCharToQuantum or (3) SetPixelIndex functions."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commits/7.0.1-5",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commits/7.0.1-5"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commits/6.9.4-4",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commits/6.9.4-4"
            },
            {
              "name": "91283",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/91283"
            },
            {
              "name": "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG,-DDS,-DCM.html",
              "refsource": "MISC",
              "url": "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG,-DDS,-DCM.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/aecd0ada163a4d6c769cec178955d5f3e9316f2f",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/aecd0ada163a4d6c769cec178955d5f3e9316f2f"
            },
            {
              "name": "[oss-security] 20160617 Re: Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/17/3"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/fc43974d34318c834fbf78570ca1a3764ed8c7d7",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/fc43974d34318c834fbf78570ca1a3764ed8c7d7"
            },
            {
              "name": "[oss-security] 20160614 Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/14/5"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-5688",
    "datePublished": "2016-12-13T15:00:00",
    "dateReserved": "2016-06-16T00:00:00",
    "dateUpdated": "2024-08-06T01:07:59.968Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-8900
Vulnerability from cvelistv5
Published
2017-02-27 22:00
Modified
2024-08-06 08:29
Severity ?
Summary
The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service (infinite loop) via a crafted HDR file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:29:22.144Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20150226 Requesting CVE for ImageMagick DoS",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/02/26/13"
          },
          {
            "name": "[oss-security] 20160606 Re: Requesting CVE for ImageMagick DoS",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/06/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1195260"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/97aa7d7cfd2027f6ba7ce42caf8b798541b9cdc6"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://trac.imagemagick.org/changeset/17846"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26929"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://trac.imagemagick.org/changeset/17845"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-02-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service (infinite loop) via a crafted HDR file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-02-27T21:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20150226 Requesting CVE for ImageMagick DoS",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/02/26/13"
        },
        {
          "name": "[oss-security] 20160606 Re: Requesting CVE for ImageMagick DoS",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/06/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1195260"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/97aa7d7cfd2027f6ba7ce42caf8b798541b9cdc6"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://trac.imagemagick.org/changeset/17846"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26929"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://trac.imagemagick.org/changeset/17845"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8900",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service (infinite loop) via a crafted HDR file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20150226 Requesting CVE for ImageMagick DoS",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/02/26/13"
            },
            {
              "name": "[oss-security] 20160606 Re: Requesting CVE for ImageMagick DoS",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/06/2"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1195260",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1195260"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/97aa7d7cfd2027f6ba7ce42caf8b798541b9cdc6",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/97aa7d7cfd2027f6ba7ce42caf8b798541b9cdc6"
            },
            {
              "name": "http://trac.imagemagick.org/changeset/17846",
              "refsource": "CONFIRM",
              "url": "http://trac.imagemagick.org/changeset/17846"
            },
            {
              "name": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26929",
              "refsource": "CONFIRM",
              "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26929"
            },
            {
              "name": "http://trac.imagemagick.org/changeset/17845",
              "refsource": "CONFIRM",
              "url": "http://trac.imagemagick.org/changeset/17845"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8900",
    "datePublished": "2017-02-27T22:00:00",
    "dateReserved": "2016-06-05T00:00:00",
    "dateUpdated": "2024-08-06T08:29:22.144Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-1289
Vulnerability from cvelistv5
Published
2023-03-23 00:00
Modified
2024-08-02 05:40
Severity ?
Summary
A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial of service. When ImageMagick crashes, it generates a lot of trash files. These trash files can be large if the SVG file contains many render actions. In a denial of service attack, if a remote attacker uploads an SVG file of size t, ImageMagick generates files of size 103*t. If an attacker uploads a 100M SVG, the server will generate about 10G.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T05:40:59.961Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176858"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-j96m-mjp6-99xr"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/c5b23cbf2119540725e6dc81f4deb25798ead6a4"
          },
          {
            "name": "[debian-lts-announce] 20240222 [SECURITY] [DLA 3737-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed-in ImageMagick v7.1.1-0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in \"/tmp,\" resulting in a denial of service. When ImageMagick crashes, it generates a lot of trash files. These trash files can be large if the SVG file contains many render actions. In a denial of service attack, if a remote attacker uploads an SVG file of size t, ImageMagick generates files of size 103*t. If an attacker uploads a 100M SVG, the server will generate about 10G."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 - Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-22T11:05:57.967466",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176858"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-j96m-mjp6-99xr"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick/commit/c5b23cbf2119540725e6dc81f4deb25798ead6a4"
        },
        {
          "name": "[debian-lts-announce] 20240222 [SECURITY] [DLA 3737-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00007.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-1289",
    "datePublished": "2023-03-23T00:00:00",
    "dateReserved": "2023-03-09T00:00:00",
    "dateUpdated": "2024-08-02T05:40:59.961Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-8957
Vulnerability from cvelistv5
Published
2017-04-20 18:00
Modified
2024-08-06 08:36
Severity ?
Summary
Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:36:30.391Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/78f82d9d1c2944725a279acd573a22168dc6e22a"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/bd96074b254c6607a0f7731e59f923ad19d5a46d"
          },
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/450bd716ed3b9186dd10f9e60f630a3d9eeea2a4"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26838"
          },
          {
            "name": "93125",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93125"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378735"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-01-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-20T17:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/78f82d9d1c2944725a279acd573a22168dc6e22a"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/bd96074b254c6607a0f7731e59f923ad19d5a46d"
        },
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/450bd716ed3b9186dd10f9e60f630a3d9eeea2a4"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26838"
        },
        {
          "name": "93125",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93125"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378735"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2015-8957",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/78f82d9d1c2944725a279acd573a22168dc6e22a",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/78f82d9d1c2944725a279acd573a22168dc6e22a"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/bd96074b254c6607a0f7731e59f923ad19d5a46d",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/bd96074b254c6607a0f7731e59f923ad19d5a46d"
            },
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/450bd716ed3b9186dd10f9e60f630a3d9eeea2a4",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/450bd716ed3b9186dd10f9e60f630a3d9eeea2a4"
            },
            {
              "name": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26838",
              "refsource": "CONFIRM",
              "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26838"
            },
            {
              "name": "93125",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93125"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378735",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378735"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2015-8957",
    "datePublished": "2017-04-20T18:00:00",
    "dateReserved": "2016-09-20T00:00:00",
    "dateUpdated": "2024-08-06T08:36:30.391Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11539
Vulnerability from cvelistv5
Published
2017-07-23 03:00
Modified
2024-08-05 18:12
Severity ?
Summary
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadOnePNGImage() function in coders/png.c.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:40.318Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "99936",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99936"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/582"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadOnePNGImage() function in coders/png.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-25T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "99936",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99936"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/582"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11539",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadOnePNGImage() function in coders/png.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "99936",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99936"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/582",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/582"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11539",
    "datePublished": "2017-07-23T03:00:00",
    "dateReserved": "2017-07-22T00:00:00",
    "dateUpdated": "2024-08-05T18:12:40.318Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-11251
Vulnerability from cvelistv5
Published
2018-05-18 19:00
Modified
2024-08-05 08:01
Severity ?
Summary
In ImageMagick 7.0.7-23 Q16 x86_64 2018-01-24, there is a heap-based buffer over-read in ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service (application crash in SetGrayscaleImage in MagickCore/quantize.c) via a crafted SUN image file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:01:52.915Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[debian-lts-announce] 20180523 [SECURITY] [DLA 1381-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00012.html"
          },
          {
            "name": "[debian-lts-announce] 20180626 [SECURITY] [DLA 1394-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00004.html"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/956"
          },
          {
            "name": "DSA-4245",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4245"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-05-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-23 Q16 x86_64 2018-01-24, there is a heap-based buffer over-read in ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service (application crash in SetGrayscaleImage in MagickCore/quantize.c) via a crafted SUN image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-07-27T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[debian-lts-announce] 20180523 [SECURITY] [DLA 1381-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00012.html"
        },
        {
          "name": "[debian-lts-announce] 20180626 [SECURITY] [DLA 1394-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00004.html"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/956"
        },
        {
          "name": "DSA-4245",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4245"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-11251",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-23 Q16 x86_64 2018-01-24, there is a heap-based buffer over-read in ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service (application crash in SetGrayscaleImage in MagickCore/quantize.c) via a crafted SUN image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[debian-lts-announce] 20180523 [SECURITY] [DLA 1381-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00012.html"
            },
            {
              "name": "[debian-lts-announce] 20180626 [SECURITY] [DLA 1394-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00004.html"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/956",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/956"
            },
            {
              "name": "DSA-4245",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4245"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-11251",
    "datePublished": "2018-05-18T19:00:00",
    "dateReserved": "2018-05-18T00:00:00",
    "dateUpdated": "2024-08-05T08:01:52.915Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-3610
Vulnerability from cvelistv5
Published
2022-02-24 00:00
Modified
2024-08-03 17:01
Severity ?
Summary
A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage() in coders/tiff.c. This issue is due to an incorrect setting of the pixel array size, which can lead to a crash and segmentation fault.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:01:07.563Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1973689"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/930ff0d1a9bc42925a7856e9ea53f5fc9f318bf3"
          },
          {
            "name": "[oss-security] 20230529 Update CVE-2021-3610: ImageMagick",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/05/29/4"
          },
          {
            "name": "[oss-security] 20230605 RE: Update CVE-2021-3610",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/06/05/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 7.0.11-14"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage() in coders/tiff.c. This issue is due to an incorrect setting of the pixel array size, which can lead to a crash and segmentation fault."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-05T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1973689"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick/commit/930ff0d1a9bc42925a7856e9ea53f5fc9f318bf3"
        },
        {
          "name": "[oss-security] 20230529 Update CVE-2021-3610: ImageMagick",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/05/29/4"
        },
        {
          "name": "[oss-security] 20230605 RE: Update CVE-2021-3610",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/06/05/1"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2021-3610",
    "datePublished": "2022-02-24T00:00:00",
    "dateReserved": "2021-06-18T00:00:00",
    "dateUpdated": "2024-08-03T17:01:07.563Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-11624
Vulnerability from cvelistv5
Published
2018-05-31 16:00
Modified
2024-09-16 19:00
Severity ?
Summary
In ImageMagick 7.0.7-36 Q16, the ReadMATImage function in coders/mat.c allows attackers to cause a use after free via a crafted file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:17:08.102Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1149"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-36 Q16, the ReadMATImage function in coders/mat.c allows attackers to cause a use after free via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-05-31T16:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1149"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-11624",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-36 Q16, the ReadMATImage function in coders/mat.c allows attackers to cause a use after free via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1149",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1149"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-11624",
    "datePublished": "2018-05-31T16:00:00Z",
    "dateReserved": "2018-05-31T00:00:00Z",
    "dateUpdated": "2024-09-16T19:00:50.334Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10065
Vulnerability from cvelistv5
Published
2017-03-03 17:00
Modified
2024-08-06 03:07
Severity ?
Summary
The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:07:32.094Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "openSUSE-SU-2017:0391",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/129"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410482"
          },
          {
            "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
          },
          {
            "name": "95213",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95213"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/134463b926fa965571aa4febd61b810be5e7da05"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-24T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "openSUSE-SU-2017:0391",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/129"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410482"
        },
        {
          "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
        },
        {
          "name": "95213",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95213"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/134463b926fa965571aa4febd61b810be5e7da05"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10065",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "openSUSE-SU-2017:0391",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/129",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/129"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410482",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410482"
            },
            {
              "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
            },
            {
              "name": "95213",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95213"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/134463b926fa965571aa4febd61b810be5e7da05",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/134463b926fa965571aa4febd61b810be5e7da05"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10065",
    "datePublished": "2017-03-03T17:00:00",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-08-06T03:07:32.094Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-17884
Vulnerability from cvelistv5
Published
2017-12-24 04:00
Modified
2024-08-05 21:06
Severity ?
Summary
In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function WriteOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted PNG image file.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/902x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.389Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/902"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function WriteOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted PNG image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/902"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17884",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function WriteOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted PNG image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/902",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/902"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17884",
    "datePublished": "2017-12-24T04:00:00",
    "dateReserved": "2017-12-23T00:00:00",
    "dateUpdated": "2024-08-05T21:06:49.389Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10067
Vulnerability from cvelistv5
Published
2017-03-02 21:00
Modified
2024-08-06 03:07
Severity ?
Summary
magick/memory.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via vectors involving "too many exceptions," which trigger a buffer overflow.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:07:32.093Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/0474237508f39c4f783208123431815f1ededb76"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410494"
          },
          {
            "name": "95220",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95220"
          },
          {
            "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "magick/memory.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via vectors involving \"too many exceptions,\" which trigger a buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-02T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/0474237508f39c4f783208123431815f1ededb76"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410494"
        },
        {
          "name": "95220",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95220"
        },
        {
          "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10067",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "magick/memory.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via vectors involving \"too many exceptions,\" which trigger a buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/0474237508f39c4f783208123431815f1ededb76",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/0474237508f39c4f783208123431815f1ededb76"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410494",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410494"
            },
            {
              "name": "95220",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95220"
            },
            {
              "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10067",
    "datePublished": "2017-03-02T21:00:00",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-08-06T03:07:32.093Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-15016
Vulnerability from cvelistv5
Published
2017-10-04 07:00
Modified
2024-08-05 19:42
Severity ?
Summary
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadEnhMetaFile in coders/emf.c.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/725x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:42:22.257Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/725"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-10-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadEnhMetaFile in coders/emf.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/725"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-15016",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadEnhMetaFile in coders/emf.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/725",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/725"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-15016",
    "datePublished": "2017-10-04T07:00:00",
    "dateReserved": "2017-10-03T00:00:00",
    "dateUpdated": "2024-08-05T19:42:22.257Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-15140
Vulnerability from cvelistv5
Published
2019-08-18 18:31
Modified
2024-08-05 00:34
Severity ?
Summary
coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:34:53.318Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1554"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/f7206618d27c2e69d977abf40e3035a33e5f6be0"
          },
          {
            "name": "[debian-lts-announce] 20191021 [SECURITY] [DLA 1968-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "openSUSE-SU-2019:2515",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
          },
          {
            "name": "openSUSE-SU-2019:2519",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          },
          {
            "name": "DSA-4715",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4715"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-03T11:06:05",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1554"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/f7206618d27c2e69d977abf40e3035a33e5f6be0"
        },
        {
          "name": "[debian-lts-announce] 20191021 [SECURITY] [DLA 1968-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "openSUSE-SU-2019:2515",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
        },
        {
          "name": "openSUSE-SU-2019:2519",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        },
        {
          "name": "DSA-4715",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4715"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-15140",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1554",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1554"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/f7206618d27c2e69d977abf40e3035a33e5f6be0",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/f7206618d27c2e69d977abf40e3035a33e5f6be0"
            },
            {
              "name": "[debian-lts-announce] 20191021 [SECURITY] [DLA 1968-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "openSUSE-SU-2019:2515",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
            },
            {
              "name": "openSUSE-SU-2019:2519",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            },
            {
              "name": "DSA-4715",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4715"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-15140",
    "datePublished": "2019-08-18T18:31:06",
    "dateReserved": "2019-08-18T00:00:00",
    "dateUpdated": "2024-08-05T00:34:53.318Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-8355
Vulnerability from cvelistv5
Published
2017-04-30 17:00
Modified
2024-08-05 16:34
Severity ?
Summary
In ImageMagick 7.0.5-5, the ReadMTVImage function in mtv.c allows attackers to cause a denial of service (memory leak) via a crafted file.
References
https://github.com/ImageMagick/ImageMagick/issues/450x_refsource_CONFIRM
http://www.securityfocus.com/bid/98380vdb-entry, x_refsource_BID
http://www.debian.org/security/2017/dsa-3863vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:34:22.597Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/450"
          },
          {
            "name": "98380",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98380"
          },
          {
            "name": "DSA-3863",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3863"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-04-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-5, the ReadMTVImage function in mtv.c allows attackers to cause a denial of service (memory leak) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/450"
        },
        {
          "name": "98380",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98380"
        },
        {
          "name": "DSA-3863",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3863"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-8355",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-5, the ReadMTVImage function in mtv.c allows attackers to cause a denial of service (memory leak) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/450",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/450"
            },
            {
              "name": "98380",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98380"
            },
            {
              "name": "DSA-3863",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3863"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-8355",
    "datePublished": "2017-04-30T17:00:00",
    "dateReserved": "2017-04-30T00:00:00",
    "dateUpdated": "2024-08-05T16:34:22.597Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-6500
Vulnerability from cvelistv5
Published
2017-03-06 02:00
Modified
2024-08-05 15:33
Severity ?
Summary
An issue was discovered in ImageMagick 6.9.7. A specially crafted sun file triggers a heap-based buffer over-read.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:33:20.102Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/3007531bfd326c5c1e29cd41d2cd80c166de8528"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/856879"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/376"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/375"
          },
          {
            "name": "96592",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/96592"
          },
          {
            "name": "DSA-3808",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3808"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-03-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in ImageMagick 6.9.7. A specially crafted sun file triggers a heap-based buffer over-read."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/3007531bfd326c5c1e29cd41d2cd80c166de8528"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/856879"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/376"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/375"
        },
        {
          "name": "96592",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/96592"
        },
        {
          "name": "DSA-3808",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3808"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-6500",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in ImageMagick 6.9.7. A specially crafted sun file triggers a heap-based buffer over-read."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/3007531bfd326c5c1e29cd41d2cd80c166de8528",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/3007531bfd326c5c1e29cd41d2cd80c166de8528"
            },
            {
              "name": "https://bugs.debian.org/856879",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/856879"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/376",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/376"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/375",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/375"
            },
            {
              "name": "96592",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/96592"
            },
            {
              "name": "DSA-3808",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3808"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-6500",
    "datePublished": "2017-03-06T02:00:00",
    "dateReserved": "2017-03-05T00:00:00",
    "dateUpdated": "2024-08-05T15:33:20.102Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7535
Vulnerability from cvelistv5
Published
2017-04-20 18:00
Modified
2024-08-06 02:04
Severity ?
Summary
coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PSD file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:04:54.519Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/128"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378768"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545180"
          },
          {
            "name": "93131",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93131"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-02-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PSD file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-21T09:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/128"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378768"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545180"
        },
        {
          "name": "93131",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93131"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-7535",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PSD file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/128",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/128"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378768",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378768"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545180",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1545180"
            },
            {
              "name": "93131",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93131"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-7535",
    "datePublished": "2017-04-20T18:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T02:04:54.519Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-18544
Vulnerability from cvelistv5
Published
2018-10-21 01:00
Modified
2024-08-05 11:15
Severity ?
Summary
There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T11:15:58.924Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1360"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://hg.code.sf.net/p/graphicsmagick/code/file/233618f8fe82/ChangeLog"
          },
          {
            "name": "openSUSE-SU-2019:1141",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-10-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-06-25T14:06:14",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1360"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://hg.code.sf.net/p/graphicsmagick/code/file/233618f8fe82/ChangeLog"
        },
        {
          "name": "openSUSE-SU-2019:1141",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-18544",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1360",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1360"
            },
            {
              "name": "http://hg.code.sf.net/p/graphicsmagick/code/file/233618f8fe82/ChangeLog",
              "refsource": "MISC",
              "url": "http://hg.code.sf.net/p/graphicsmagick/code/file/233618f8fe82/ChangeLog"
            },
            {
              "name": "openSUSE-SU-2019:1141",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-18544",
    "datePublished": "2018-10-21T01:00:00",
    "dateReserved": "2018-10-20T00:00:00",
    "dateUpdated": "2024-08-05T11:15:58.924Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-25667
Vulnerability from cvelistv5
Published
2020-12-08 20:57
Modified
2024-08-04 15:40
Severity ?
Summary
TIFFGetProfiles() in /coders/tiff.c calls strstr() which causes a large out-of-bounds read when it searches for `"dc:format=\"image/dng\"` within `profile` due to improper string handling, when a crafted input file is provided to ImageMagick. The patch uses a StringInfo type instead of a raw C string to remedy this. This could cause an impact to availability of the application. This flaw affects ImageMagick versions prior to 7.0.9-0.
References
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:40:36.588Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891613"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "prior to 7.0.9-0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "TIFFGetProfiles() in /coders/tiff.c calls strstr() which causes a large out-of-bounds read when it searches for `\"dc:format=\\\"image/dng\\\"` within `profile` due to improper string handling, when a crafted input file is provided to ImageMagick. The patch uses a StringInfo type instead of a raw C string to remedy this. This could cause an impact to availability of the application. This flaw affects ImageMagick versions prior to 7.0.9-0."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122-\u003eCWE-125",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-12-08T20:57:59",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891613"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2020-25667",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ImageMagick",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "prior to 7.0.9-0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "TIFFGetProfiles() in /coders/tiff.c calls strstr() which causes a large out-of-bounds read when it searches for `\"dc:format=\\\"image/dng\\\"` within `profile` due to improper string handling, when a crafted input file is provided to ImageMagick. The patch uses a StringInfo type instead of a raw C string to remedy this. This could cause an impact to availability of the application. This flaw affects ImageMagick versions prior to 7.0.9-0."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-122-\u003eCWE-125"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1891613",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891613"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-25667",
    "datePublished": "2020-12-08T20:57:59",
    "dateReserved": "2020-09-16T00:00:00",
    "dateUpdated": "2024-08-04T15:40:36.588Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9811
Vulnerability from cvelistv5
Published
2017-03-30 15:00
Modified
2024-08-06 13:55
Severity ?
Summary
The xwd file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed xwd file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.753Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=82a5bbdd47b9b3f43ce3c2aa18741aecc4a0f962"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343467"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=914da276f717b3e21e5af6614887af14af87a9b8"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The xwd file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed xwd file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-30T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=82a5bbdd47b9b3f43ce3c2aa18741aecc4a0f962"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343467"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=914da276f717b3e21e5af6614887af14af87a9b8"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9811",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The xwd file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed xwd file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=82a5bbdd47b9b3f43ce3c2aa18741aecc4a0f962",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=82a5bbdd47b9b3f43ce3c2aa18741aecc4a0f962"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343467",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343467"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=914da276f717b3e21e5af6614887af14af87a9b8",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=914da276f717b3e21e5af6614887af14af87a9b8"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9811",
    "datePublished": "2017-03-30T15:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.753Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-9500
Vulnerability from cvelistv5
Published
2017-06-07 14:00
Modified
2024-08-05 17:11
Severity ?
Summary
In ImageMagick 7.0.5-8 Q16, an assertion failure was found in the function ResetImageProfileIterator, which allows attackers to cause a denial of service via a crafted file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:11:01.762Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "98941",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98941"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/500"
          },
          {
            "name": "DSA-4019",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4019"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-06-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-8 Q16, an assertion failure was found in the function ResetImageProfileIterator, which allows attackers to cause a denial of service via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-14T12:06:06",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "98941",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98941"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/500"
        },
        {
          "name": "DSA-4019",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4019"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-9500",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-8 Q16, an assertion failure was found in the function ResetImageProfileIterator, which allows attackers to cause a denial of service via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "98941",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98941"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/500",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/500"
            },
            {
              "name": "DSA-4019",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4019"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-9500",
    "datePublished": "2017-06-07T14:00:00",
    "dateReserved": "2017-06-07T00:00:00",
    "dateUpdated": "2024-08-05T17:11:01.762Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-1739
Vulnerability from cvelistv5
Published
2005-05-24 04:00
Modified
2024-08-07 21:59
Severity ?
Summary
The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick before 1.1.6-r1, allows remote attackers to cause a denial of service (infinite loop) via an image with a zero color mask.
References
http://www.osvdb.org/16775vdb-entry, x_refsource_OSVDB
http://security.gentoo.org/glsa/glsa-200505-16.xmlvendor-advisory, x_refsource_GENTOO
http://www.mandriva.com/security/advisories?name=MDKSA-2005:107vendor-advisory, x_refsource_MANDRAKE
http://www.securityfocus.com/bid/13705vdb-entry, x_refsource_BID
http://www.osvdb.org/16774vdb-entry, x_refsource_OSVDB
http://www.redhat.com/support/errata/RHSA-2005-480.htmlvendor-advisory, x_refsource_REDHAT
https://usn.ubuntu.com/132-1/vendor-advisory, x_refsource_UBUNTU
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A960vdb-entry, signature, x_refsource_OVAL
http://bugs.gentoo.org/show_bug.cgi?id=90423x_refsource_MISC
http://secunia.com/advisories/15429third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/15446third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/15453third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11667vdb-entry, signature, x_refsource_OVAL
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:59:24.192Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "16775",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/16775"
          },
          {
            "name": "GLSA-200505-16",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200505-16.xml"
          },
          {
            "name": "MDKSA-2005:107",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:107"
          },
          {
            "name": "13705",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/13705"
          },
          {
            "name": "16774",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/16774"
          },
          {
            "name": "RHSA-2005:480",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-480.html"
          },
          {
            "name": "USN-132-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/132-1/"
          },
          {
            "name": "oval:org.mitre.oval:def:960",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A960"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=90423"
          },
          {
            "name": "15429",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/15429"
          },
          {
            "name": "15446",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/15446"
          },
          {
            "name": "15453",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/15453"
          },
          {
            "name": "oval:org.mitre.oval:def:11667",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11667"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-05-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick before 1.1.6-r1, allows remote attackers to cause a denial of service (infinite loop) via an image with a zero color mask."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-03T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "16775",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/16775"
        },
        {
          "name": "GLSA-200505-16",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200505-16.xml"
        },
        {
          "name": "MDKSA-2005:107",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:107"
        },
        {
          "name": "13705",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/13705"
        },
        {
          "name": "16774",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/16774"
        },
        {
          "name": "RHSA-2005:480",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-480.html"
        },
        {
          "name": "USN-132-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/132-1/"
        },
        {
          "name": "oval:org.mitre.oval:def:960",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A960"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=90423"
        },
        {
          "name": "15429",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/15429"
        },
        {
          "name": "15446",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/15446"
        },
        {
          "name": "15453",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/15453"
        },
        {
          "name": "oval:org.mitre.oval:def:11667",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11667"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-1739",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick before 1.1.6-r1, allows remote attackers to cause a denial of service (infinite loop) via an image with a zero color mask."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "16775",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/16775"
            },
            {
              "name": "GLSA-200505-16",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200505-16.xml"
            },
            {
              "name": "MDKSA-2005:107",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:107"
            },
            {
              "name": "13705",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/13705"
            },
            {
              "name": "16774",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/16774"
            },
            {
              "name": "RHSA-2005:480",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-480.html"
            },
            {
              "name": "USN-132-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/132-1/"
            },
            {
              "name": "oval:org.mitre.oval:def:960",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A960"
            },
            {
              "name": "http://bugs.gentoo.org/show_bug.cgi?id=90423",
              "refsource": "MISC",
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=90423"
            },
            {
              "name": "15429",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/15429"
            },
            {
              "name": "15446",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/15446"
            },
            {
              "name": "15453",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/15453"
            },
            {
              "name": "oval:org.mitre.oval:def:11667",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11667"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-1739",
    "datePublished": "2005-05-24T04:00:00",
    "dateReserved": "2005-05-24T00:00:00",
    "dateUpdated": "2024-08-07T21:59:24.192Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-13902
Vulnerability from cvelistv5
Published
2020-06-07 17:06
Modified
2024-08-04 12:32
Severity ?
Summary
ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image decoding.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T12:32:14.277Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20920"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image decoding."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-06-07T17:06:04",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20920"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-13902",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image decoding."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20920",
              "refsource": "MISC",
              "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20920"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-13902",
    "datePublished": "2020-06-07T17:06:04",
    "dateReserved": "2020-06-07T00:00:00",
    "dateUpdated": "2024-08-04T12:32:14.277Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-17967
Vulnerability from cvelistv5
Published
2018-10-03 18:00
Modified
2024-09-16 20:57
Severity ?
Summary
ImageMagick 7.0.7-28 has a memory leak vulnerability in ReadBGRImage in coders/bgr.c.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T11:01:14.752Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1051"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.7-28 has a memory leak vulnerability in ReadBGRImage in coders/bgr.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-03T18:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1051"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-17967",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.7-28 has a memory leak vulnerability in ReadBGRImage in coders/bgr.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1051",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1051"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-17967",
    "datePublished": "2018-10-03T18:00:00Z",
    "dateReserved": "2018-10-03T00:00:00Z",
    "dateUpdated": "2024-09-16T20:57:26.539Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2006-2440
Vulnerability from cvelistv5
Published
2006-05-18 10:00
Modified
2024-08-07 17:51
Severity ?
Summary
Heap-based buffer overflow in the libMagick component of ImageMagick 6.0.6.2 might allow attackers to execute arbitrary code via an image index array that triggers the overflow during filename glob expansion by the ExpandFilenames function.
References
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9481vdb-entry, signature, x_refsource_OVAL
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345595x_refsource_CONFIRM
http://www.debian.org/security/2006/dsa-1168vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/24284third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/21719third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2007-0015.htmlvendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/24186third-party-advisory, x_refsource_SECUNIA
ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.ascvendor-advisory, x_refsource_SGI
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T17:51:04.539Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:9481",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9481"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345595"
          },
          {
            "name": "DSA-1168",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1168"
          },
          {
            "name": "24284",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24284"
          },
          {
            "name": "21719",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21719"
          },
          {
            "name": "RHSA-2007:0015",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0015.html"
          },
          {
            "name": "24186",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24186"
          },
          {
            "name": "20070201-01-P",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in the libMagick component of ImageMagick 6.0.6.2 might allow attackers to execute arbitrary code via an image index array that triggers the overflow during filename glob expansion by the ExpandFilenames function."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-11T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:9481",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9481"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345595"
        },
        {
          "name": "DSA-1168",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1168"
        },
        {
          "name": "24284",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24284"
        },
        {
          "name": "21719",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21719"
        },
        {
          "name": "RHSA-2007:0015",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0015.html"
        },
        {
          "name": "24186",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24186"
        },
        {
          "name": "20070201-01-P",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-2440",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in the libMagick component of ImageMagick 6.0.6.2 might allow attackers to execute arbitrary code via an image index array that triggers the overflow during filename glob expansion by the ExpandFilenames function."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:9481",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9481"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345595",
              "refsource": "CONFIRM",
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345595"
            },
            {
              "name": "DSA-1168",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1168"
            },
            {
              "name": "24284",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24284"
            },
            {
              "name": "21719",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21719"
            },
            {
              "name": "RHSA-2007:0015",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0015.html"
            },
            {
              "name": "24186",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24186"
            },
            {
              "name": "20070201-01-P",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-2440",
    "datePublished": "2006-05-18T10:00:00",
    "dateReserved": "2006-05-17T00:00:00",
    "dateUpdated": "2024-08-07T17:51:04.539Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-18250
Vulnerability from cvelistv5
Published
2018-03-27 03:00
Modified
2024-08-05 21:13
Severity ?
Summary
An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LogOpenCLBuildFailure in MagickCore/opencl.c, which allows attackers to cause a denial of service via a crafted file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:13:49.269Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/793"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-03-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LogOpenCLBuildFailure in MagickCore/opencl.c, which allows attackers to cause a denial of service via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-03-27T03:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/793"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-18250",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LogOpenCLBuildFailure in MagickCore/opencl.c, which allows attackers to cause a denial of service via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/793",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/793"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-18250",
    "datePublished": "2018-03-27T03:00:00",
    "dateReserved": "2018-03-26T00:00:00",
    "dateUpdated": "2024-08-05T21:13:49.269Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-8348
Vulnerability from cvelistv5
Published
2017-04-30 17:00
Modified
2024-08-05 16:34
Severity ?
Summary
In ImageMagick 7.0.5-5, the ReadMATImage function in mat.c allows attackers to cause a denial of service (memory leak) via a crafted file.
References
http://www.securityfocus.com/bid/98364vdb-entry, x_refsource_BID
https://github.com/ImageMagick/ImageMagick/issues/445x_refsource_CONFIRM
http://www.debian.org/security/2017/dsa-3863vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:34:22.630Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "98364",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98364"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/445"
          },
          {
            "name": "DSA-3863",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3863"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-04-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-5, the ReadMATImage function in mat.c allows attackers to cause a denial of service (memory leak) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "98364",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98364"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/445"
        },
        {
          "name": "DSA-3863",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3863"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-8348",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-5, the ReadMATImage function in mat.c allows attackers to cause a denial of service (memory leak) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "98364",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98364"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/445",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/445"
            },
            {
              "name": "DSA-3863",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3863"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-8348",
    "datePublished": "2017-04-30T17:00:00",
    "dateReserved": "2017-04-30T00:00:00",
    "dateUpdated": "2024-08-05T16:34:22.630Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-15217
Vulnerability from cvelistv5
Published
2017-10-10 20:00
Modified
2024-08-05 19:50
Severity ?
Summary
ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c.
References
http://www.securityfocus.com/bid/101231vdb-entry, x_refsource_BID
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/759x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:50:16.347Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "101231",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101231"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/759"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-10-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "101231",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101231"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/759"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-15217",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "101231",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101231"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/759",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/759"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-15217",
    "datePublished": "2017-10-10T20:00:00",
    "dateReserved": "2017-10-10T00:00:00",
    "dateUpdated": "2024-08-05T19:50:16.347Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11141
Vulnerability from cvelistv5
Published
2017-07-10 03:00
Modified
2024-08-05 17:57
Severity ?
Summary
The ReadMATImage function in coders\mat.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted MAT file, related to incorrect ordering of a SetImageExtent call.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:57:57.671Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "99506",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99506"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/469"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadMATImage function in coders\\mat.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted MAT file, related to incorrect ordering of a SetImageExtent call."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-11T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "99506",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99506"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/469"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11141",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadMATImage function in coders\\mat.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted MAT file, related to incorrect ordering of a SetImageExtent call."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "99506",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99506"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/469",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/469"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11141",
    "datePublished": "2017-07-10T03:00:00",
    "dateReserved": "2017-07-09T00:00:00",
    "dateUpdated": "2024-08-05T17:57:57.671Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-8959
Vulnerability from cvelistv5
Published
2017-04-20 18:00
Modified
2024-08-06 08:36
Severity ?
Summary
coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:36:30.837Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "93230",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93230"
          },
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26861"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378738"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/3ab016764c7f787829d9065440d86f5609765110"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/9b428b7af688fe319320aed15f2b94281d1e37b4"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/cc2a4d2ba5371d25c58763e4db2dbc1f4691c0f7"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-01-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-13T16:29:36",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "93230",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93230"
        },
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26861"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378738"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/3ab016764c7f787829d9065440d86f5609765110"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/9b428b7af688fe319320aed15f2b94281d1e37b4"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/cc2a4d2ba5371d25c58763e4db2dbc1f4691c0f7"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2015-8959",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "93230",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93230"
            },
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26861",
              "refsource": "CONFIRM",
              "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26861"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378738",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378738"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/3ab016764c7f787829d9065440d86f5609765110",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/3ab016764c7f787829d9065440d86f5609765110"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/9b428b7af688fe319320aed15f2b94281d1e37b4",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/9b428b7af688fe319320aed15f2b94281d1e37b4"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/cc2a4d2ba5371d25c58763e4db2dbc1f4691c0f7",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/cc2a4d2ba5371d25c58763e4db2dbc1f4691c0f7"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2015-8959",
    "datePublished": "2017-04-20T18:00:00",
    "dateReserved": "2016-09-20T00:00:00",
    "dateUpdated": "2024-08-06T08:36:30.837Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7520
Vulnerability from cvelistv5
Published
2017-04-20 18:00
Modified
2024-08-06 01:57
Severity ?
Summary
Heap-based buffer overflow in coders/hdr.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted HDR file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:57:47.655Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537213"
          },
          {
            "name": "93131",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93131"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/14e606db148d6ebcaae20f1e1d6d71903ca4a556"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/90"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378747"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in coders/hdr.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted HDR file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-21T09:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537213"
        },
        {
          "name": "93131",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93131"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/14e606db148d6ebcaae20f1e1d6d71903ca4a556"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/90"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378747"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-7520",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in coders/hdr.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted HDR file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537213",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537213"
            },
            {
              "name": "93131",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93131"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/14e606db148d6ebcaae20f1e1d6d71903ca4a556",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/14e606db148d6ebcaae20f1e1d6d71903ca4a556"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/90",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/90"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378747",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378747"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-7520",
    "datePublished": "2017-04-20T18:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T01:57:47.655Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-3745
Vulnerability from cvelistv5
Published
2023-07-24 15:19
Modified
2024-08-20 14:48
Summary
Imagemagick: heap-buffer-overflow in pushcharpixel() in quantum-private.h
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-3745",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-25T13:40:47.945959Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:17:34.056Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T07:01:57.583Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-3745"
          },
          {
            "name": "RHBZ#2223557",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223557"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/54cdc146bbe50018526770be201b56643ad58ba7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/651672f19c75161a6159d9b6838fd3095b6c5304"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1857"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/7486477aa00c5c7856b111506da075b6cdfa8b73"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/b466a96965afc1308a4ace93f5535c2b770f294b"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "ImageMagick",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "ImageMagick",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2020-03-02T00:00:00+00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A heap-based buffer overflow issue was found in ImageMagick\u0027s PushCharPixel() function in quantum-private.h. This issue may allow a local attacker to trick the user into opening a specially crafted file, triggering an out-of-bounds read error and allowing an application to crash, resulting in a denial of service."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-20T14:48:34.924Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-3745"
        },
        {
          "name": "RHBZ#2223557",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223557"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick/commit/54cdc146bbe50018526770be201b56643ad58ba7"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick/commit/651672f19c75161a6159d9b6838fd3095b6c5304"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1857"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/7486477aa00c5c7856b111506da075b6cdfa8b73"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/b466a96965afc1308a4ace93f5535c2b770f294b"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-07-18T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2020-03-02T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Imagemagick: heap-buffer-overflow in pushcharpixel() in quantum-private.h",
      "x_redhatCweChain": "CWE-122-\u003eCWE-125: Heap-based Buffer Overflow leads to Out-of-bounds Read"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-3745",
    "datePublished": "2023-07-24T15:19:23.319Z",
    "dateReserved": "2023-07-18T08:04:50.631Z",
    "dateUpdated": "2024-08-20T14:48:34.924Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14741
Vulnerability from cvelistv5
Published
2017-09-26 02:00
Modified
2024-08-05 19:34
Severity ?
Summary
The ReadCAPTIONImage function in coders/caption.c in ImageMagick 7.0.7-3 allows remote attackers to cause a denial of service (infinite loop) via a crafted font file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:34:39.989Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/771"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadCAPTIONImage function in coders/caption.c in ImageMagick 7.0.7-3 allows remote attackers to cause a denial of service (infinite loop) via a crafted font file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:20",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/771"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14741",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadCAPTIONImage function in coders/caption.c in ImageMagick 7.0.7-3 allows remote attackers to cause a denial of service (infinite loop) via a crafted font file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/771",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/771"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14741",
    "datePublished": "2017-09-26T02:00:00",
    "dateReserved": "2017-09-25T00:00:00",
    "dateUpdated": "2024-08-05T19:34:39.989Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12428
Vulnerability from cvelistv5
Published
2017-08-04 10:00
Modified
2024-08-05 18:36
Severity ?
Summary
In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadWMFImage in coders/wmf.c, which allows attackers to cause a denial of service in CloneDrawInfo in draw.c.
References
https://github.com/ImageMagick/ImageMagick/issues/544x_refsource_CONFIRM
http://www.securityfocus.com/bid/100145vdb-entry, x_refsource_BID
https://www.debian.org/security/2017/dsa-4019vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:36:56.396Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/544"
          },
          {
            "name": "100145",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100145"
          },
          {
            "name": "DSA-4019",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4019"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadWMFImage in coders/wmf.c, which allows attackers to cause a denial of service in CloneDrawInfo in draw.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-06T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/544"
        },
        {
          "name": "100145",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100145"
        },
        {
          "name": "DSA-4019",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4019"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12428",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadWMFImage in coders/wmf.c, which allows attackers to cause a denial of service in CloneDrawInfo in draw.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/544",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/544"
            },
            {
              "name": "100145",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100145"
            },
            {
              "name": "DSA-4019",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4019"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12428",
    "datePublished": "2017-08-04T10:00:00",
    "dateReserved": "2017-08-04T00:00:00",
    "dateUpdated": "2024-08-05T18:36:56.396Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11750
Vulnerability from cvelistv5
Published
2017-07-30 17:00
Modified
2024-08-05 18:19
Severity ?
Summary
The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 and 7.0.6-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:19:38.660Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/632"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 and 7.0.6-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-30T17:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/632"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11750",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 and 7.0.6-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/632",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/632"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11750",
    "datePublished": "2017-07-30T17:00:00",
    "dateReserved": "2017-07-30T00:00:00",
    "dateUpdated": "2024-08-05T18:19:38.660Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12806
Vulnerability from cvelistv5
Published
2019-05-09 15:11
Modified
2024-08-05 18:51
Severity ?
Summary
In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function format8BIM, which allows attackers to cause a denial of service.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:51:06.370Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/660"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          },
          {
            "name": "FEDORA-2019-da4c20882c",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/"
          },
          {
            "name": "FEDORA-2019-425a1aa7c9",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/"
          },
          {
            "name": "openSUSE-SU-2019:1683",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function format8BIM, which allows attackers to cause a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:13",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/660"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        },
        {
          "name": "FEDORA-2019-da4c20882c",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/"
        },
        {
          "name": "FEDORA-2019-425a1aa7c9",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/"
        },
        {
          "name": "openSUSE-SU-2019:1683",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12806",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function format8BIM, which allows attackers to cause a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/660",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/660"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            },
            {
              "name": "FEDORA-2019-da4c20882c",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/"
            },
            {
              "name": "FEDORA-2019-425a1aa7c9",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/"
            },
            {
              "name": "openSUSE-SU-2019:1683",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12806",
    "datePublished": "2019-05-09T15:11:54",
    "dateReserved": "2017-08-11T00:00:00",
    "dateUpdated": "2024-08-05T18:51:06.370Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-18027
Vulnerability from cvelistv5
Published
2018-01-12 20:00
Modified
2024-08-05 21:06
Severity ?
Summary
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.
References
http://www.securityfocus.com/bid/102527vdb-entry, x_refsource_BID
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/734x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:50.129Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "102527",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102527"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/734"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-01-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "102527",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102527"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/734"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-18027",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "102527",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102527"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/734",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/734"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-18027",
    "datePublished": "2018-01-12T20:00:00",
    "dateReserved": "2018-01-12T00:00:00",
    "dateUpdated": "2024-08-05T21:06:50.129Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-18254
Vulnerability from cvelistv5
Published
2018-03-27 03:00
Modified
2024-08-05 21:13
Severity ?
Summary
An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which allow remote attackers to cause a denial of service via a crafted file.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/808x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:13:49.239Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/808"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-03-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which allow remote attackers to cause a denial of service via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/808"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-18254",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which allow remote attackers to cause a denial of service via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/808",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/808"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-18254",
    "datePublished": "2018-03-27T03:00:00",
    "dateReserved": "2018-03-26T00:00:00",
    "dateUpdated": "2024-08-05T21:13:49.239Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-17541
Vulnerability from cvelistv5
Published
2019-10-14 01:06
Modified
2024-08-05 01:40
Severity ?
Summary
ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:40:15.944Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1641"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/39f226a9c137f547e12afde972eeba7551124493"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-54...7.0.8-55"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15827"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-14T01:06:43",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1641"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/39f226a9c137f547e12afde972eeba7551124493"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-54...7.0.8-55"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15827"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-17541",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1641",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1641"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/39f226a9c137f547e12afde972eeba7551124493",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/39f226a9c137f547e12afde972eeba7551124493"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-54...7.0.8-55",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-54...7.0.8-55"
            },
            {
              "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15827",
              "refsource": "MISC",
              "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15827"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-17541",
    "datePublished": "2019-10-14T01:06:43",
    "dateReserved": "2019-10-14T00:00:00",
    "dateUpdated": "2024-08-05T01:40:15.944Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12670
Vulnerability from cvelistv5
Published
2017-08-07 21:00
Modified
2024-08-05 18:43
Severity ?
Summary
In ImageMagick 7.0.6-3, missing validation was found in coders/mat.c, leading to an assertion failure in the function DestroyImage in MagickCore/image.c, which allows attackers to cause a denial of service.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:56.417Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "100252",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100252"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/610"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-3, missing validation was found in coders/mat.c, leading to an assertion failure in the function DestroyImage in MagickCore/image.c, which allows attackers to cause a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:25",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "100252",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100252"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/610"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12670",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-3, missing validation was found in coders/mat.c, leading to an assertion failure in the function DestroyImage in MagickCore/image.c, which allows attackers to cause a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "100252",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100252"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/610",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/610"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12670",
    "datePublished": "2017-08-07T21:00:00",
    "dateReserved": "2017-08-07T00:00:00",
    "dateUpdated": "2024-08-05T18:43:56.417Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-10650
Vulnerability from cvelistv5
Published
2019-03-30 13:14
Modified
2024-08-04 22:31
Severity ?
Summary
In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:31:59.928Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1532"
          },
          {
            "name": "107646",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/107646"
          },
          {
            "name": "DSA-4436",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2019/dsa-4436"
          },
          {
            "name": "20190429 [SECURITY] [DSA 4436-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Apr/37"
          },
          {
            "name": "openSUSE-SU-2019:1320",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
          },
          {
            "name": "openSUSE-SU-2019:1331",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00010.html"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-06-25T14:06:13",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1532"
        },
        {
          "name": "107646",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/107646"
        },
        {
          "name": "DSA-4436",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2019/dsa-4436"
        },
        {
          "name": "20190429 [SECURITY] [DSA 4436-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Apr/37"
        },
        {
          "name": "openSUSE-SU-2019:1320",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
        },
        {
          "name": "openSUSE-SU-2019:1331",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00010.html"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-10650",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1532",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1532"
            },
            {
              "name": "107646",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/107646"
            },
            {
              "name": "DSA-4436",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2019/dsa-4436"
            },
            {
              "name": "20190429 [SECURITY] [DSA 4436-1] imagemagick security update",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Apr/37"
            },
            {
              "name": "openSUSE-SU-2019:1320",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
            },
            {
              "name": "openSUSE-SU-2019:1331",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00010.html"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-10650",
    "datePublished": "2019-03-30T13:14:06",
    "dateReserved": "2019-03-30T00:00:00",
    "dateUpdated": "2024-08-04T22:31:59.928Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-7275
Vulnerability from cvelistv5
Published
2017-03-27 18:00
Modified
2024-08-05 15:56
Severity ?
Summary
The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:56:36.367Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/271"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://blogs.gentoo.org/ago/2017/03/27/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862-and-cve-2016-8866/"
          },
          {
            "name": "97166",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/97166"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-03-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-29T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/271"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://blogs.gentoo.org/ago/2017/03/27/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862-and-cve-2016-8866/"
        },
        {
          "name": "97166",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/97166"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-7275",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/271",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/271"
            },
            {
              "name": "https://blogs.gentoo.org/ago/2017/03/27/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862-and-cve-2016-8866/",
              "refsource": "MISC",
              "url": "https://blogs.gentoo.org/ago/2017/03/27/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862-and-cve-2016-8866/"
            },
            {
              "name": "97166",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/97166"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-7275",
    "datePublished": "2017-03-27T18:00:00",
    "dateReserved": "2017-03-27T00:00:00",
    "dateUpdated": "2024-08-05T15:56:36.367Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-11655
Vulnerability from cvelistv5
Published
2018-06-01 15:00
Modified
2024-08-05 08:17
Severity ?
Summary
In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function GetImagePixelCache in MagickCore/cache.c, which allows attackers to cause a denial of service via a crafted CALS image file.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/930x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:17:08.360Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/930"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-06-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function GetImagePixelCache in MagickCore/cache.c, which allows attackers to cause a denial of service via a crafted CALS image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/930"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-11655",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function GetImagePixelCache in MagickCore/cache.c, which allows attackers to cause a denial of service via a crafted CALS image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/930",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/930"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-11655",
    "datePublished": "2018-06-01T15:00:00",
    "dateReserved": "2018-06-01T00:00:00",
    "dateUpdated": "2024-08-05T08:17:08.360Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-7943
Vulnerability from cvelistv5
Published
2017-04-18 19:00
Modified
2024-08-05 16:19
Severity ?
Summary
The ReadSVGImage function in svg.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.
References
http://www.debian.org/security/2017/dsa-3863vendor-advisory, x_refsource_DEBIAN
http://www.securityfocus.com/bid/97956vdb-entry, x_refsource_BID
https://github.com/ImageMagick/ImageMagick/issues/427x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:19:29.403Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-3863",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3863"
          },
          {
            "name": "97956",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/97956"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/427"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-04-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadSVGImage function in svg.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-3863",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3863"
        },
        {
          "name": "97956",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/97956"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/427"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-7943",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadSVGImage function in svg.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-3863",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3863"
            },
            {
              "name": "97956",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/97956"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/427",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/427"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-7943",
    "datePublished": "2017-04-18T19:00:00",
    "dateReserved": "2017-04-18T00:00:00",
    "dateUpdated": "2024-08-05T16:19:29.403Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-9499
Vulnerability from cvelistv5
Published
2017-06-07 14:00
Modified
2024-08-05 17:11
Severity ?
Summary
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function SetPixelChannelAttributes, which allows attackers to cause a denial of service via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:11:01.593Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/492"
          },
          {
            "name": "98944",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98944"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/7fd419441bc7103398e313558171d342c6315f44"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-06-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function SetPixelChannelAttributes, which allows attackers to cause a denial of service via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-06-09T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/492"
        },
        {
          "name": "98944",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98944"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/7fd419441bc7103398e313558171d342c6315f44"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-9499",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function SetPixelChannelAttributes, which allows attackers to cause a denial of service via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/492",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/492"
            },
            {
              "name": "98944",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98944"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/7fd419441bc7103398e313558171d342c6315f44",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/7fd419441bc7103398e313558171d342c6315f44"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-9499",
    "datePublished": "2017-06-07T14:00:00",
    "dateReserved": "2017-06-07T00:00:00",
    "dateUpdated": "2024-08-05T17:11:01.593Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9841
Vulnerability from cvelistv5
Published
2017-03-20 16:00
Modified
2024-08-06 13:55
Severity ?
Summary
The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to "throwing of exceptions."
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.576Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "openSUSE-SU-2016:1833",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343499"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=f9ef11671c41da4cf973d0d880af1cdfbd127860"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "openSUSE-SU-2016:1748",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
          },
          {
            "name": "SUSE-SU-2016:1784",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
          },
          {
            "name": "USN-3131-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3131-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to \"throwing of exceptions.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-20T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "openSUSE-SU-2016:1833",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343499"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=f9ef11671c41da4cf973d0d880af1cdfbd127860"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "openSUSE-SU-2016:1748",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
        },
        {
          "name": "SUSE-SU-2016:1784",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
        },
        {
          "name": "USN-3131-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3131-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9841",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to \"throwing of exceptions.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "openSUSE-SU-2016:1833",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343499",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343499"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=f9ef11671c41da4cf973d0d880af1cdfbd127860",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=f9ef11671c41da4cf973d0d880af1cdfbd127860"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "openSUSE-SU-2016:1748",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
            },
            {
              "name": "SUSE-SU-2016:1784",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
            },
            {
              "name": "USN-3131-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3131-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9841",
    "datePublished": "2017-03-20T16:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.576Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-17914
Vulnerability from cvelistv5
Published
2017-12-26 20:00
Modified
2024-08-05 21:06
Severity ?
Summary
In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service (ReadOneMNGImage large loop) via a crafted mng image file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.576Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/908"
          },
          {
            "name": "[debian-lts-announce] 20180101 [SECURITY] [DLA 1227-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00000.html"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service (ReadOneMNGImage large loop) via a crafted mng image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:30",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/908"
        },
        {
          "name": "[debian-lts-announce] 20180101 [SECURITY] [DLA 1227-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00000.html"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17914",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service (ReadOneMNGImage large loop) via a crafted mng image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/908",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/908"
            },
            {
              "name": "[debian-lts-announce] 20180101 [SECURITY] [DLA 1227-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00000.html"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17914",
    "datePublished": "2017-12-26T20:00:00",
    "dateReserved": "2017-12-26T00:00:00",
    "dateUpdated": "2024-08-05T21:06:49.576Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-5357
Vulnerability from cvelistv5
Published
2018-01-12 09:00
Modified
2024-08-05 05:33
Severity ?
Summary
ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function in coders/dcm.c.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
http://www.securityfocus.com/bid/102497vdb-entry, x_refsource_BID
https://github.com/ImageMagick/ImageMagick/issues/941x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T05:33:44.148Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "102497",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102497"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/941"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-01-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function in coders/dcm.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "102497",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102497"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/941"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-5357",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function in coders/dcm.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "102497",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102497"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/941",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/941"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-5357",
    "datePublished": "2018-01-12T09:00:00",
    "dateReserved": "2018-01-12T00:00:00",
    "dateUpdated": "2024-08-05T05:33:44.148Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-8355
Vulnerability from cvelistv5
Published
2017-04-11 19:00
Modified
2024-08-06 13:18
Severity ?
Summary
PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:18:47.880Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128944/ImageMagick-Out-Of-Bounds-Read-Heap-Overflow.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://int21.de/cve/CVE-2014-8355-ImageMagick-pcx-oob-heap-overflow.html"
          },
          {
            "name": "70839",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/70839"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1158523"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-10-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-11T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128944/ImageMagick-Out-Of-Bounds-Read-Heap-Overflow.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://int21.de/cve/CVE-2014-8355-ImageMagick-pcx-oob-heap-overflow.html"
        },
        {
          "name": "70839",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/70839"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1158523"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-8355",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://packetstormsecurity.com/files/128944/ImageMagick-Out-Of-Bounds-Read-Heap-Overflow.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128944/ImageMagick-Out-Of-Bounds-Read-Heap-Overflow.html"
            },
            {
              "name": "https://int21.de/cve/CVE-2014-8355-ImageMagick-pcx-oob-heap-overflow.html",
              "refsource": "MISC",
              "url": "https://int21.de/cve/CVE-2014-8355-ImageMagick-pcx-oob-heap-overflow.html"
            },
            {
              "name": "70839",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/70839"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1158523",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1158523"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-8355",
    "datePublished": "2017-04-11T19:00:00",
    "dateReserved": "2014-10-20T00:00:00",
    "dateUpdated": "2024-08-06T13:18:47.880Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9828
Vulnerability from cvelistv5
Published
2017-08-07 20:00
Modified
2024-08-06 13:55
Severity ?
Summary
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.555Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=460547be494cc8c039b99b65e64a1fa2eb08ab5c"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343484"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=460547be494cc8c039b99b65e64a1fa2eb08ab5c"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343484"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9828",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=460547be494cc8c039b99b65e64a1fa2eb08ab5c",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=460547be494cc8c039b99b65e64a1fa2eb08ab5c"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343484",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343484"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9828",
    "datePublished": "2017-08-07T20:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.555Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12429
Vulnerability from cvelistv5
Published
2017-08-04 10:00
Modified
2024-08-05 18:36
Severity ?
Summary
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/545x_refsource_CONFIRM
https://lists.debian.org/debian-lts-announce/2020/09/msg00007.htmlmailing-list, x_refsource_MLIST
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:36:56.387Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/545"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:17",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/545"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12429",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/545",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/545"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12429",
    "datePublished": "2017-08-04T10:00:00",
    "dateReserved": "2017-08-04T00:00:00",
    "dateUpdated": "2024-08-05T18:36:56.387Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-13300
Vulnerability from cvelistv5
Published
2019-07-05 00:52
Modified
2024-08-04 23:49
Severity ?
Summary
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:49:24.117Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1586"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/5e409ae7a389cdf2ed17469303be3f3f21cec450"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/a906fe9298bf89e01d5272023db687935068849a"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          },
          {
            "name": "DSA-4715",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4715"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-03T11:06:04",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1586"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/5e409ae7a389cdf2ed17469303be3f3f21cec450"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/a906fe9298bf89e01d5272023db687935068849a"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        },
        {
          "name": "DSA-4715",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4715"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13300",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1586",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1586"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick6/commit/5e409ae7a389cdf2ed17469303be3f3f21cec450",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick6/commit/5e409ae7a389cdf2ed17469303be3f3f21cec450"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/a906fe9298bf89e01d5272023db687935068849a",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/a906fe9298bf89e01d5272023db687935068849a"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            },
            {
              "name": "DSA-4715",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4715"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13300",
    "datePublished": "2019-07-05T00:52:17",
    "dateReserved": "2019-07-04T00:00:00",
    "dateUpdated": "2024-08-04T23:49:24.117Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9834
Vulnerability from cvelistv5
Published
2017-03-22 14:00
Modified
2024-08-06 13:55
Severity ?
Summary
Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file.
References
http://www.openwall.com/lists/oss-security/2016/06/02/13mailing-list, x_refsource_MLIST
http://www.openwall.com/lists/oss-security/2014/12/24/1mailing-list, x_refsource_MLIST
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.757Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-22T11:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9834",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9834",
    "datePublished": "2017-03-22T14:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.757Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-3596
Vulnerability from cvelistv5
Published
2022-02-24 00:00
Modified
2024-08-03 17:01
Severity ?
Summary
A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:01:07.986Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/2624"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970569"
          },
          {
            "name": "[debian-lts-announce] 20220514 [SECURITY] [DLA-3007-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00018.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 7.0.10-31"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2\u0027s xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://github.com/ImageMagick/ImageMagick/issues/2624"
        },
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970569"
        },
        {
          "name": "[debian-lts-announce] 20220514 [SECURITY] [DLA-3007-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00018.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2021-3596",
    "datePublished": "2022-02-24T00:00:00",
    "dateReserved": "2021-06-10T00:00:00",
    "dateUpdated": "2024-08-03T17:01:07.986Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-5510
Vulnerability from cvelistv5
Published
2017-03-24 15:00
Modified
2024-08-05 15:04
Severity ?
Summary
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:04:15.305Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2017/01/16/6"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/91cc3f36f2ccbd485a0456bab9aebe63b635da88"
          },
          {
            "name": "95755",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95755"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851376"
          },
          {
            "name": "GLSA-201702-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201702-09"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/348"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/e87af64b1ff1635a32d9b6162f1b0e260fb54ed9"
          },
          {
            "name": "DSA-3799",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3799"
          },
          {
            "name": "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2017/01/17/5"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-01-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2017/01/16/6"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/91cc3f36f2ccbd485a0456bab9aebe63b635da88"
        },
        {
          "name": "95755",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95755"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851376"
        },
        {
          "name": "GLSA-201702-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201702-09"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/348"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/e87af64b1ff1635a32d9b6162f1b0e260fb54ed9"
        },
        {
          "name": "DSA-3799",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3799"
        },
        {
          "name": "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2017/01/17/5"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2017-5510",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2017/01/16/6"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/91cc3f36f2ccbd485a0456bab9aebe63b635da88",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/91cc3f36f2ccbd485a0456bab9aebe63b635da88"
            },
            {
              "name": "95755",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95755"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851376",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851376"
            },
            {
              "name": "GLSA-201702-09",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201702-09"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/348",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/348"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/e87af64b1ff1635a32d9b6162f1b0e260fb54ed9",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/e87af64b1ff1635a32d9b6162f1b0e260fb54ed9"
            },
            {
              "name": "DSA-3799",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3799"
            },
            {
              "name": "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2017/01/17/5"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2017-5510",
    "datePublished": "2017-03-24T15:00:00",
    "dateReserved": "2017-01-16T00:00:00",
    "dateUpdated": "2024-08-05T15:04:15.305Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12663
Vulnerability from cvelistv5
Published
2017-08-07 21:00
Modified
2024-08-05 18:43
Severity ?
Summary
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMAPImage in coders/map.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:56.570Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/573"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/1dc0ac5016f1c4d50b100a086526d6a2453a5444"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMAPImage in coders/map.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-08T17:05:32",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/573"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/1dc0ac5016f1c4d50b100a086526d6a2453a5444"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12663",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMAPImage in coders/map.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/573",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/573"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/1dc0ac5016f1c4d50b100a086526d6a2453a5444",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/1dc0ac5016f1c4d50b100a086526d6a2453a5444"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12663",
    "datePublished": "2017-08-07T21:00:00",
    "dateReserved": "2017-08-07T00:00:00",
    "dateUpdated": "2024-08-05T18:43:56.570Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27756
Vulnerability from cvelistv5
Published
2020-12-08 00:00
Modified
2024-08-04 16:18
Severity ?
Summary
In ParseMetaGeometry() of MagickCore/geometry.c, image height and width calculations can lead to divide-by-zero conditions which also lead to undefined behavior. This flaw can be triggered by a crafted input file processed by ImageMagick and could impact application availability. The patch uses multiplication in addition to the function `PerceptibleReciprocal()` in order to prevent such divide-by-zero conditions. This flaw affects ImageMagick versions prior to 7.0.9-0.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.709Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894233"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "prior to 7.0.9-0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ParseMetaGeometry() of MagickCore/geometry.c, image height and width calculations can lead to divide-by-zero conditions which also lead to undefined behavior. This flaw can be triggered by a crafted input file processed by ImageMagick and could impact application availability. The patch uses multiplication in addition to the function `PerceptibleReciprocal()` in order to prevent such divide-by-zero conditions. This flaw affects ImageMagick versions prior to 7.0.9-0."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-369",
              "description": "CWE-369-\u003eCWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894233"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27756",
    "datePublished": "2020-12-08T00:00:00",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.709Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-20244
Vulnerability from cvelistv5
Published
2021-03-09 00:00
Modified
2024-08-03 17:37
Severity ?
Summary
A flaw was found in ImageMagick in MagickCore/visual-effects.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:37:23.075Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928959"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/pull/3194"
          },
          {
            "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
          },
          {
            "name": "[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 7.0.10-62"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in ImageMagick in MagickCore/visual-effects.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-369",
              "description": "CWE-369",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-22T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928959"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick/pull/3194"
        },
        {
          "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
        },
        {
          "name": "[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2021-20244",
    "datePublished": "2021-03-09T00:00:00",
    "dateReserved": "2020-12-17T00:00:00",
    "dateUpdated": "2024-08-03T17:37:23.075Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-13135
Vulnerability from cvelistv5
Published
2019-07-01 19:27
Modified
2024-08-04 23:41
Severity ?
Summary
ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:41:10.476Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1599"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/1e59b29e520d2beab73e8c78aacd5f1c0d76196d"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/cdb383749ef7b68a38891440af8cc23e0115306d"
          },
          {
            "name": "[debian-lts-announce] 20190816 [SECURITY] [DLA 1888-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K20336394"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K20336394?utm_source=f5support\u0026amp%3Butm_medium=RSS"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick before 7.0.8-50 has a \"use of uninitialized value\" vulnerability in the function ReadCUTImage in coders/cut.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:11",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1599"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/1e59b29e520d2beab73e8c78aacd5f1c0d76196d"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/cdb383749ef7b68a38891440af8cc23e0115306d"
        },
        {
          "name": "[debian-lts-announce] 20190816 [SECURITY] [DLA 1888-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K20336394"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K20336394?utm_source=f5support\u0026amp%3Butm_medium=RSS"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13135",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick before 7.0.8-50 has a \"use of uninitialized value\" vulnerability in the function ReadCUTImage in coders/cut.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1599",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1599"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick6/commit/1e59b29e520d2beab73e8c78aacd5f1c0d76196d",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick6/commit/1e59b29e520d2beab73e8c78aacd5f1c0d76196d"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/cdb383749ef7b68a38891440af8cc23e0115306d",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/cdb383749ef7b68a38891440af8cc23e0115306d"
            },
            {
              "name": "[debian-lts-announce] 20190816 [SECURITY] [DLA 1888-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            },
            {
              "name": "https://support.f5.com/csp/article/K20336394",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K20336394"
            },
            {
              "name": "https://support.f5.com/csp/article/K20336394?utm_source=f5support\u0026amp;utm_medium=RSS",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K20336394?utm_source=f5support\u0026amp;utm_medium=RSS"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13135",
    "datePublished": "2019-07-01T19:27:35",
    "dateReserved": "2019-07-01T00:00:00",
    "dateUpdated": "2024-08-04T23:41:10.476Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9820
Vulnerability from cvelistv5
Published
2017-03-30 15:00
Modified
2024-08-06 13:55
Severity ?
Summary
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pnm file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.588Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343476"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=0a89a1ccca6e7ee059b73f5cc924513383e8a330"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pnm file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-30T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343476"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=0a89a1ccca6e7ee059b73f5cc924513383e8a330"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9820",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pnm file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343476",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343476"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=0a89a1ccca6e7ee059b73f5cc924513383e8a330",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=0a89a1ccca6e7ee059b73f5cc924513383e8a330"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9820",
    "datePublished": "2017-03-30T15:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.588Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-15607
Vulnerability from cvelistv5
Published
2018-08-21 15:00
Modified
2024-08-05 10:01
Severity ?
Summary
In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.
References
https://github.com/ImageMagick/ImageMagick/issues/1255x_refsource_MISC
http://www.securityfocus.com/bid/105137vdb-entry, x_refsource_BID
https://usn.ubuntu.com/4034-1/vendor-advisory, x_refsource_UBUNTU
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T10:01:53.382Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1255"
          },
          {
            "name": "105137",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105137"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-08-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-06-25T14:06:15",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1255"
        },
        {
          "name": "105137",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105137"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-15607",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1255",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1255"
            },
            {
              "name": "105137",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105137"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-15607",
    "datePublished": "2018-08-21T15:00:00",
    "dateReserved": "2018-08-21T00:00:00",
    "dateUpdated": "2024-08-05T10:01:53.382Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-13153
Vulnerability from cvelistv5
Published
2018-07-05 02:00
Modified
2024-08-05 08:52
Severity ?
Summary
In ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand function in MagickCore/animate.c.
References
https://github.com/ImageMagick/ImageMagick/issues/1195x_refsource_CONFIRM
http://www.securitytracker.com/id/1041219vdb-entry, x_refsource_SECTRACK
https://usn.ubuntu.com/3711-1/vendor-advisory, x_refsource_UBUNTU
http://www.securityfocus.com/bid/104687vdb-entry, x_refsource_BID
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:52:50.559Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1195"
          },
          {
            "name": "1041219",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041219"
          },
          {
            "name": "USN-3711-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3711-1/"
          },
          {
            "name": "104687",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104687"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-07-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand function in MagickCore/animate.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-07-12T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1195"
        },
        {
          "name": "1041219",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041219"
        },
        {
          "name": "USN-3711-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3711-1/"
        },
        {
          "name": "104687",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104687"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-13153",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand function in MagickCore/animate.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1195",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1195"
            },
            {
              "name": "1041219",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041219"
            },
            {
              "name": "USN-3711-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3711-1/"
            },
            {
              "name": "104687",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104687"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-13153",
    "datePublished": "2018-07-05T02:00:00",
    "dateReserved": "2018-07-04T00:00:00",
    "dateUpdated": "2024-08-05T08:52:50.559Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7534
Vulnerability from cvelistv5
Published
2017-04-20 18:00
Modified
2024-08-06 02:04
Severity ?
Summary
The generic decoder in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:04:54.928Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1542785"
          },
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378767"
          },
          {
            "name": "93131",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93131"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/126"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/430403b0029b37decf216d57f810899cab2317dd"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-02-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The generic decoder in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-21T09:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1542785"
        },
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378767"
        },
        {
          "name": "93131",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93131"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/126"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/430403b0029b37decf216d57f810899cab2317dd"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-7534",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The generic decoder in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1542785",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1542785"
            },
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378767",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378767"
            },
            {
              "name": "93131",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93131"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/126",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/126"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/430403b0029b37decf216d57f810899cab2317dd",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/430403b0029b37decf216d57f810899cab2317dd"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-7534",
    "datePublished": "2017-04-20T18:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T02:04:54.928Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-14435
Vulnerability from cvelistv5
Published
2018-07-20 00:00
Modified
2024-08-05 09:29
Severity ?
Summary
ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c.
References
https://github.com/ImageMagick/ImageMagick/issues/1193x_refsource_MISC
https://usn.ubuntu.com/3785-1/vendor-advisory, x_refsource_UBUNTU
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:29:51.663Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1193"
          },
          {
            "name": "USN-3785-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3785-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-07-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-05T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1193"
        },
        {
          "name": "USN-3785-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3785-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-14435",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1193",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1193"
            },
            {
              "name": "USN-3785-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3785-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-14435",
    "datePublished": "2018-07-20T00:00:00",
    "dateReserved": "2018-07-19T00:00:00",
    "dateUpdated": "2024-08-05T09:29:51.663Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12140
Vulnerability from cvelistv5
Published
2017-08-02 05:00
Modified
2024-08-05 18:28
Severity ?
Summary
The ReadDCMImage function in coders\dcm.c in ImageMagick 7.0.6-1 has an integer signedness error leading to excessive memory consumption via a crafted DCM file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:28:16.417Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "name": "100096",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100096"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/533"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadDCMImage function in coders\\dcm.c in ImageMagick 7.0.6-1 has an integer signedness error leading to excessive memory consumption via a crafted DCM file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:33",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "name": "100096",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100096"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/533"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12140",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadDCMImage function in coders\\dcm.c in ImageMagick 7.0.6-1 has an integer signedness error leading to excessive memory consumption via a crafted DCM file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "100096",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100096"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/533",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/533"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12140",
    "datePublished": "2017-08-02T05:00:00",
    "dateReserved": "2017-08-01T00:00:00",
    "dateUpdated": "2024-08-05T18:28:16.417Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-39212
Vulnerability from cvelistv5
Published
2021-09-13 00:00
Modified
2024-08-04 01:58
Summary
Issue when Configuring the ImageMagick Security Policy
Impacted products
ImageMagickImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T01:58:18.274Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qvhr-jj4p-j2qr"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/01faddbe2711a4156180c4a92837e2f23683cc68"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/35893e7cad78ce461fcaffa56076c11700ba5e4e"
          },
          {
            "name": "[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "ImageMagick",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 7.0.0, \u003c 7.1.0-7"
            },
            {
              "status": "affected",
              "version": "\u003c 6.9.12-22"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribute in both open and proprietary applications. In affected versions and in certain cases, Postscript files could be read and written when specifically excluded by a `module` policy in `policy.xml`. ex. \u003cpolicy domain=\"module\" rights=\"none\" pattern=\"PS\" /\u003e. The issue has been resolved in ImageMagick 7.1.0-7 and in 6.9.12-22. Fortunately, in the wild, few users utilize the `module` policy and instead use the `coder` policy that is also our workaround recommendation: \u003cpolicy domain=\"coder\" rights=\"none\" pattern=\"{PS,EPI,EPS,EPSF,EPSI}\" /\u003e."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-668",
              "description": "CWE-668: Exposure of Resource to Wrong Sphere",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-22T00:00:00",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qvhr-jj4p-j2qr"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick/commit/01faddbe2711a4156180c4a92837e2f23683cc68"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick/commit/35893e7cad78ce461fcaffa56076c11700ba5e4e"
        },
        {
          "name": "[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
        }
      ],
      "source": {
        "advisory": "GHSA-qvhr-jj4p-j2qr",
        "discovery": "UNKNOWN"
      },
      "title": "Issue when Configuring the ImageMagick Security Policy"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2021-39212",
    "datePublished": "2021-09-13T00:00:00",
    "dateReserved": "2021-08-16T00:00:00",
    "dateUpdated": "2024-08-04T01:58:18.274Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7527
Vulnerability from cvelistv5
Published
2017-04-20 18:00
Modified
2024-08-06 02:04
Severity ?
Summary
coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:04:54.487Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/a251039393f423c7858e63cab6aa98d17b8b7a41"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/122"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1542115"
          },
          {
            "name": "93220",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93220"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378759"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/b3dd69b23e9338806891c708a0cc8a82c0d1872a"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-02-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-13T12:45:12",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/a251039393f423c7858e63cab6aa98d17b8b7a41"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/122"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1542115"
        },
        {
          "name": "93220",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93220"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378759"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/b3dd69b23e9338806891c708a0cc8a82c0d1872a"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-7527",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/a251039393f423c7858e63cab6aa98d17b8b7a41",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/a251039393f423c7858e63cab6aa98d17b8b7a41"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/122",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/122"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1542115",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1542115"
            },
            {
              "name": "93220",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93220"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378759",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378759"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/b3dd69b23e9338806891c708a0cc8a82c0d1872a",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/b3dd69b23e9338806891c708a0cc8a82c0d1872a"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-7527",
    "datePublished": "2017-04-20T18:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T02:04:54.487Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10061
Vulnerability from cvelistv5
Published
2017-03-03 17:00
Modified
2024-08-06 03:07
Severity ?
Summary
The ReadGROUP4Image function in coders/tiff.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (crash) via a crafted image file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:07:32.112Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/4e914bbe371433f0590cefdf3bd5f3a5710069f9"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/196"
          },
          {
            "name": "95207",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95207"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410471"
          },
          {
            "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadGROUP4Image function in coders/tiff.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (crash) via a crafted image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-03T16:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/4e914bbe371433f0590cefdf3bd5f3a5710069f9"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/196"
        },
        {
          "name": "95207",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95207"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410471"
        },
        {
          "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10061",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadGROUP4Image function in coders/tiff.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (crash) via a crafted image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/4e914bbe371433f0590cefdf3bd5f3a5710069f9",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/4e914bbe371433f0590cefdf3bd5f3a5710069f9"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/196",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/196"
            },
            {
              "name": "95207",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95207"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410471",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410471"
            },
            {
              "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10061",
    "datePublished": "2017-03-03T17:00:00",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-08-06T03:07:32.112Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-1000476
Vulnerability from cvelistv5
Published
2018-01-03 18:00
Modified
2024-08-05 22:00
Severity ?
Summary
ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:00:41.596Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "[debian-lts-announce] 20180104 [SECURITY] [DLA 1229-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00002.html"
          },
          {
            "name": "102428",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102428"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/867"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "dateAssigned": "2017-12-29T00:00:00",
      "datePublic": "2018-01-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:31",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "[debian-lts-announce] 20180104 [SECURITY] [DLA 1229-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00002.html"
        },
        {
          "name": "102428",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102428"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/867"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "DATE_ASSIGNED": "2017-12-29",
          "ID": "CVE-2017-1000476",
          "REQUESTER": "zhouzhen@nsfocus.com",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "[debian-lts-announce] 20180104 [SECURITY] [DLA 1229-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00002.html"
            },
            {
              "name": "102428",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102428"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/867",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/867"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-1000476",
    "datePublished": "2018-01-03T18:00:00",
    "dateReserved": "2018-01-03T00:00:00",
    "dateUpdated": "2024-08-05T22:00:41.596Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10059
Vulnerability from cvelistv5
Published
2017-03-23 17:00
Modified
2024-08-06 03:07
Severity ?
Summary
Buffer overflow in coders/tiff.c in ImageMagick before 6.9.4-1 allows remote attackers to cause a denial of service (application crash) or have unspecified other impact via a crafted TIFF file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:07:32.023Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "95206",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95206"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410469"
          },
          {
            "name": "openSUSE-SU-2017:0391",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/58cf5bf4fade82e3b510e8f3463a967278a3e410"
          },
          {
            "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in coders/tiff.c in ImageMagick before 6.9.4-1 allows remote attackers to cause a denial of service (application crash) or have unspecified other impact via a crafted TIFF file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-24T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "95206",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95206"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410469"
        },
        {
          "name": "openSUSE-SU-2017:0391",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/58cf5bf4fade82e3b510e8f3463a967278a3e410"
        },
        {
          "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10059",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in coders/tiff.c in ImageMagick before 6.9.4-1 allows remote attackers to cause a denial of service (application crash) or have unspecified other impact via a crafted TIFF file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "95206",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95206"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410469",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410469"
            },
            {
              "name": "openSUSE-SU-2017:0391",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/58cf5bf4fade82e3b510e8f3463a967278a3e410",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/58cf5bf4fade82e3b510e8f3463a967278a3e410"
            },
            {
              "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10059",
    "datePublished": "2017-03-23T17:00:00",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-08-06T03:07:32.023Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-20309
Vulnerability from cvelistv5
Published
2021-05-11 00:00
Modified
2024-08-03 17:37
Severity ?
Summary
A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in WaveImage() of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick. The highest threat from this vulnerability is to system availability.
Impacted products
n/aImagemMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:37:23.626Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946722"
          },
          {
            "name": "[debian-lts-announce] 20210603 [SECURITY] [DLA 2672-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html"
          },
          {
            "name": "[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImagemMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 7.0.11, ImageMagick 6.9.12"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in WaveImage() of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick. The highest threat from this vulnerability is to system availability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-369",
              "description": "CWE-369",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-22T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946722"
        },
        {
          "name": "[debian-lts-announce] 20210603 [SECURITY] [DLA 2672-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html"
        },
        {
          "name": "[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2021-20309",
    "datePublished": "2021-05-11T00:00:00",
    "dateReserved": "2020-12-17T00:00:00",
    "dateUpdated": "2024-08-03T17:37:23.626Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9804
Vulnerability from cvelistv5
Published
2017-03-30 15:00
Modified
2024-08-06 13:55
Severity ?
Summary
vision.c in ImageMagick allows remote attackers to cause a denial of service (infinite loop) via vectors related to "too many object."
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:05.089Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343459"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=c504b8e1a1ca6f158f2d08bd33c62ce4865497ee"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "vision.c in ImageMagick allows remote attackers to cause a denial of service (infinite loop) via vectors related to \"too many object.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-30T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343459"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=c504b8e1a1ca6f158f2d08bd33c62ce4865497ee"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9804",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "vision.c in ImageMagick allows remote attackers to cause a denial of service (infinite loop) via vectors related to \"too many object.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343459",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343459"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=c504b8e1a1ca6f158f2d08bd33c62ce4865497ee",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=c504b8e1a1ca6f158f2d08bd33c62ce4865497ee"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9804",
    "datePublished": "2017-03-30T15:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:05.089Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-18029
Vulnerability from cvelistv5
Published
2018-01-12 20:00
Modified
2024-08-05 21:06
Severity ?
Summary
In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.
References
http://www.securityfocus.com/bid/102519vdb-entry, x_refsource_BID
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/691x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:50.136Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "102519",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102519"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/691"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-01-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "102519",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102519"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/691"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-18029",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "102519",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102519"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/691",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/691"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-18029",
    "datePublished": "2018-01-12T20:00:00",
    "dateReserved": "2018-01-12T00:00:00",
    "dateUpdated": "2024-08-05T21:06:50.136Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14989
Vulnerability from cvelistv5
Published
2017-10-02 05:00
Modified
2024-08-05 19:42
Severity ?
Summary
A use-after-free in RenderFreetype in MagickCore/annotate.c in ImageMagick 7.0.7-4 Q16 allows attackers to crash the application via a crafted font file, because the FT_Done_Glyph function (from FreeType 2) is called at an incorrect place in the ImageMagick code.
References
https://www.debian.org/security/2017/dsa-4040vendor-advisory, x_refsource_DEBIAN
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://www.debian.org/security/2017/dsa-4032vendor-advisory, x_refsource_DEBIAN
https://github.com/ImageMagick/ImageMagick/issues/781x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:42:22.367Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-4040",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4040"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "DSA-4032",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4032"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/781"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-10-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A use-after-free in RenderFreetype in MagickCore/annotate.c in ImageMagick 7.0.7-4 Q16 allows attackers to crash the application via a crafted font file, because the FT_Done_Glyph function (from FreeType 2) is called at an incorrect place in the ImageMagick code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-4040",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4040"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "DSA-4032",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4032"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/781"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14989",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A use-after-free in RenderFreetype in MagickCore/annotate.c in ImageMagick 7.0.7-4 Q16 allows attackers to crash the application via a crafted font file, because the FT_Done_Glyph function (from FreeType 2) is called at an incorrect place in the ImageMagick code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-4040",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4040"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "DSA-4032",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4032"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/781",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/781"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14989",
    "datePublished": "2017-10-02T05:00:00",
    "dateReserved": "2017-10-02T00:00:00",
    "dateUpdated": "2024-08-05T19:42:22.367Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9813
Vulnerability from cvelistv5
Published
2017-03-30 15:00
Modified
2024-08-06 13:55
Severity ?
Summary
ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted viff file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.572Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=35aa01dd5511a2616a6427f7d5d49de0132aeb5f"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=ae8e15370f269a529623b762c1355ab1dbab712e"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343469"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted viff file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-30T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=35aa01dd5511a2616a6427f7d5d49de0132aeb5f"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=ae8e15370f269a529623b762c1355ab1dbab712e"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343469"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9813",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted viff file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=35aa01dd5511a2616a6427f7d5d49de0132aeb5f",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=35aa01dd5511a2616a6427f7d5d49de0132aeb5f"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=ae8e15370f269a529623b762c1355ab1dbab712e",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=ae8e15370f269a529623b762c1355ab1dbab712e"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343469",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343469"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9813",
    "datePublished": "2017-03-30T15:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.572Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-17879
Vulnerability from cvelistv5
Published
2017-12-24 04:00
Modified
2024-08-05 21:06
Severity ?
Summary
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error.
References
http://www.securityfocus.com/bid/102305vdb-entry, x_refsource_BID
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://www.debian.org/security/2017/dsa-4074vendor-advisory, x_refsource_DEBIAN
https://lists.debian.org/debian-lts-announce/2018/01/msg00000.htmlmailing-list, x_refsource_MLIST
https://www.debian.org/security/2018/dsa-4204vendor-advisory, x_refsource_DEBIAN
https://github.com/ImageMagick/ImageMagick/issues/906x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.396Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "102305",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102305"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "DSA-4074",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4074"
          },
          {
            "name": "[debian-lts-announce] 20180101 [SECURITY] [DLA 1227-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00000.html"
          },
          {
            "name": "DSA-4204",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4204"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/906"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "102305",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102305"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "DSA-4074",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4074"
        },
        {
          "name": "[debian-lts-announce] 20180101 [SECURITY] [DLA 1227-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00000.html"
        },
        {
          "name": "DSA-4204",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4204"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/906"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17879",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "102305",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102305"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "DSA-4074",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4074"
            },
            {
              "name": "[debian-lts-announce] 20180101 [SECURITY] [DLA 1227-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00000.html"
            },
            {
              "name": "DSA-4204",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4204"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/906",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/906"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17879",
    "datePublished": "2017-12-24T04:00:00",
    "dateReserved": "2017-12-23T00:00:00",
    "dateUpdated": "2024-08-05T21:06:49.396Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12644
Vulnerability from cvelistv5
Published
2017-08-07 15:00
Modified
2024-08-05 18:43
Severity ?
Summary
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadDCMImage in coders\dcm.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:56.437Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "100162",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100162"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/551"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/a33f7498f9052b50e8fe8c8422a11ba84474cb42"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadDCMImage in coders\\dcm.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-08T17:09:19",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "100162",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100162"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/551"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/a33f7498f9052b50e8fe8c8422a11ba84474cb42"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12644",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadDCMImage in coders\\dcm.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "100162",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100162"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/551",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/551"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/a33f7498f9052b50e8fe8c8422a11ba84474cb42",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/a33f7498f9052b50e8fe8c8422a11ba84474cb42"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12644",
    "datePublished": "2017-08-07T15:00:00",
    "dateReserved": "2017-08-07T00:00:00",
    "dateUpdated": "2024-08-05T18:43:56.437Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-5690
Vulnerability from cvelistv5
Published
2016-12-13 15:00
Modified
2024-08-06 01:07
Severity ?
Summary
The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:07:59.960Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "91283",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91283"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG%2C-DDS%2C-DCM.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/blob/7.0.1-7/ChangeLog"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/blob/6.9.4-5/ChangeLog"
          },
          {
            "name": "[oss-security] 20160617 Re: Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/17/3"
          },
          {
            "name": "[oss-security] 20160614 Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/14/5"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-13T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "91283",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/91283"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG%2C-DDS%2C-DCM.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/blob/7.0.1-7/ChangeLog"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/blob/6.9.4-5/ChangeLog"
        },
        {
          "name": "[oss-security] 20160617 Re: Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/17/3"
        },
        {
          "name": "[oss-security] 20160614 Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/14/5"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-5690",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "91283",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/91283"
            },
            {
              "name": "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG,-DDS,-DCM.html",
              "refsource": "MISC",
              "url": "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG,-DDS,-DCM.html"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/blob/7.0.1-7/ChangeLog",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/blob/7.0.1-7/ChangeLog"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/blob/6.9.4-5/ChangeLog",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/blob/6.9.4-5/ChangeLog"
            },
            {
              "name": "[oss-security] 20160617 Re: Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/17/3"
            },
            {
              "name": "[oss-security] 20160614 Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/14/5"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-5690",
    "datePublished": "2016-12-13T15:00:00",
    "dateReserved": "2016-06-16T00:00:00",
    "dateUpdated": "2024-08-06T01:07:59.960Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27753
Vulnerability from cvelistv5
Published
2020-12-08 21:57
Modified
2024-08-04 16:18
Severity ?
Summary
There are several memory leaks in the MIFF coder in /coders/miff.c due to improper image depth values, which can be triggered by a specially crafted input file. These leaks could potentially lead to an impact to application availability or cause a denial of service. It was originally reported that the issues were in `AcquireMagickMemory()` because that is where LeakSanitizer detected the leaks, but the patch resolves issues in the MIFF coder, which incorrectly handles data being passed to `AcquireMagickMemory()`. This flaw affects ImageMagick versions prior to 7.0.9-0.
References
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.843Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894229"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "prior to 7.0.9-0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "There are several memory leaks in the MIFF coder in /coders/miff.c due to improper image depth values, which can be triggered by a specially crafted input file. These leaks could potentially lead to an impact to application availability or cause a denial of service. It was originally reported that the issues were in `AcquireMagickMemory()` because that is where LeakSanitizer detected the leaks, but the patch resolves issues in the MIFF coder, which incorrectly handles data being passed to `AcquireMagickMemory()`. This flaw affects ImageMagick versions prior to 7.0.9-0."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-401",
              "description": "CWE-401",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-12-08T21:57:20",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894229"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2020-27753",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ImageMagick",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "prior to 7.0.9-0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "There are several memory leaks in the MIFF coder in /coders/miff.c due to improper image depth values, which can be triggered by a specially crafted input file. These leaks could potentially lead to an impact to application availability or cause a denial of service. It was originally reported that the issues were in `AcquireMagickMemory()` because that is where LeakSanitizer detected the leaks, but the patch resolves issues in the MIFF coder, which incorrectly handles data being passed to `AcquireMagickMemory()`. This flaw affects ImageMagick versions prior to 7.0.9-0."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-401"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1894229",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894229"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27753",
    "datePublished": "2020-12-08T21:57:20",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.843Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-28463
Vulnerability from cvelistv5
Published
2022-05-08 00:00
Modified
2024-08-03 05:56
Severity ?
Summary
ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T05:56:15.416Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/4988"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/ca3654ebf7a439dc736f56f083c9aa98e4464b7f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/e6ea5876e0228165ee3abc6e959aa174cee06680"
          },
          {
            "name": "[debian-lts-announce] 20220514 [SECURITY] [DLA-3007-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00018.html"
          },
          {
            "name": "[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-22T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/ImageMagick/ImageMagick/issues/4988"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick/commit/ca3654ebf7a439dc736f56f083c9aa98e4464b7f"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/e6ea5876e0228165ee3abc6e959aa174cee06680"
        },
        {
          "name": "[debian-lts-announce] 20220514 [SECURITY] [DLA-3007-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00018.html"
        },
        {
          "name": "[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-28463",
    "datePublished": "2022-05-08T00:00:00",
    "dateReserved": "2022-04-04T00:00:00",
    "dateUpdated": "2024-08-03T05:56:15.416Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14249
Vulnerability from cvelistv5
Published
2017-09-11 09:00
Modified
2024-08-05 19:20
Severity ?
Summary
ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in coders/mpc.c, leading to division by zero in GetPixelCacheTileSize in MagickCore/cache.c, allowing remote attackers to cause a denial of service via a crafted file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:20:41.263Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/708"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in coders/mpc.c, leading to division by zero in GetPixelCacheTileSize in MagickCore/cache.c, allowing remote attackers to cause a denial of service via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:27",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/708"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14249",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in coders/mpc.c, leading to division by zero in GetPixelCacheTileSize in MagickCore/cache.c, allowing remote attackers to cause a denial of service via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/708",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/708"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14249",
    "datePublished": "2017-09-11T09:00:00",
    "dateReserved": "2017-09-10T00:00:00",
    "dateUpdated": "2024-08-05T19:20:41.263Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-13305
Vulnerability from cvelistv5
Published
2019-07-05 00:53
Modified
2024-08-04 23:49
Severity ?
Summary
ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:49:24.650Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1613"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/5c7fbf9a14fb83c9685ad69d48899f490a37609d"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/29efd648f38b73a64d73f14cd2019d869a585888"
          },
          {
            "name": "[debian-lts-announce] 20190816 [SECURITY] [DLA 1888-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          },
          {
            "name": "DSA-4715",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4715"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-22T13:06:08",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1613"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/5c7fbf9a14fb83c9685ad69d48899f490a37609d"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/29efd648f38b73a64d73f14cd2019d869a585888"
        },
        {
          "name": "[debian-lts-announce] 20190816 [SECURITY] [DLA 1888-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        },
        {
          "name": "DSA-4715",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4715"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13305",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1613",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1613"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick6/commit/5c7fbf9a14fb83c9685ad69d48899f490a37609d",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick6/commit/5c7fbf9a14fb83c9685ad69d48899f490a37609d"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/29efd648f38b73a64d73f14cd2019d869a585888",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/29efd648f38b73a64d73f14cd2019d869a585888"
            },
            {
              "name": "[debian-lts-announce] 20190816 [SECURITY] [DLA 1888-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            },
            {
              "name": "DSA-4715",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4715"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13305",
    "datePublished": "2019-07-05T00:53:20",
    "dateReserved": "2019-07-04T00:00:00",
    "dateUpdated": "2024-08-04T23:49:24.650Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-5689
Vulnerability from cvelistv5
Published
2016-12-13 15:00
Modified
2024-08-06 01:07
Severity ?
Summary
The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:07:59.904Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "91283",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91283"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG%2C-DDS%2C-DCM.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/blob/7.0.1-7/ChangeLog"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/blob/6.9.4-5/ChangeLog"
          },
          {
            "name": "[oss-security] 20160617 Re: Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/17/3"
          },
          {
            "name": "[oss-security] 20160614 Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/14/5"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-13T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "91283",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/91283"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG%2C-DDS%2C-DCM.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/blob/7.0.1-7/ChangeLog"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/blob/6.9.4-5/ChangeLog"
        },
        {
          "name": "[oss-security] 20160617 Re: Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/17/3"
        },
        {
          "name": "[oss-security] 20160614 Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/14/5"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-5689",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "91283",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/91283"
            },
            {
              "name": "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG,-DDS,-DCM.html",
              "refsource": "MISC",
              "url": "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG,-DDS,-DCM.html"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/blob/7.0.1-7/ChangeLog",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/blob/7.0.1-7/ChangeLog"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/blob/6.9.4-5/ChangeLog",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/blob/6.9.4-5/ChangeLog"
            },
            {
              "name": "[oss-security] 20160617 Re: Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/17/3"
            },
            {
              "name": "[oss-security] 20160614 Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/14/5"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-5689",
    "datePublished": "2016-12-13T15:00:00",
    "dateReserved": "2016-06-16T00:00:00",
    "dateUpdated": "2024-08-06T01:07:59.904Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2010-4167
Vulnerability from cvelistv5
Published
2010-11-22 19:00
Modified
2024-08-07 03:34
Severity ?
Summary
Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory.
References
http://secunia.com/advisories/42497third-party-advisory, x_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=652860x_refsource_CONFIRM
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601824x_refsource_CONFIRM
http://www.ubuntu.com/usn/USN-1028-1vendor-advisory, x_refsource_UBUNTU
http://www.openwall.com/lists/oss-security/2010/11/15/3mailing-list, x_refsource_MLIST
http://secunia.com/advisories/42744third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/49063third-party-advisory, x_refsource_SECUNIA
http://www.imagemagick.org/script/changelog.phpx_refsource_CONFIRM
http://www.securityfocus.com/bid/45044vdb-entry, x_refsource_BID
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052515.htmlvendor-advisory, x_refsource_FEDORA
http://www.vupen.com/english/advisories/2010/3322vdb-entry, x_refsource_VUPEN
http://www.vupen.com/english/advisories/2010/3150vdb-entry, x_refsource_VUPEN
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052599.htmlvendor-advisory, x_refsource_FEDORA
http://rhn.redhat.com/errata/RHSA-2012-0544.htmlvendor-advisory, x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2010/11/13/1mailing-list, x_refsource_MLIST
http://secunia.com/advisories/48100third-party-advisory, x_refsource_SECUNIA
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:34:37.527Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "42497",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42497"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=652860"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601824"
          },
          {
            "name": "USN-1028-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1028-1"
          },
          {
            "name": "[oss-security] 20101115 Re: CVE request: ImageMagick opens config files in $CWD",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2010/11/15/3"
          },
          {
            "name": "42744",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42744"
          },
          {
            "name": "49063",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49063"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/script/changelog.php"
          },
          {
            "name": "45044",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/45044"
          },
          {
            "name": "FEDORA-2010-19025",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052515.html"
          },
          {
            "name": "ADV-2010-3322",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/3322"
          },
          {
            "name": "ADV-2010-3150",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/3150"
          },
          {
            "name": "FEDORA-2010-19056",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052599.html"
          },
          {
            "name": "RHSA-2012:0544",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0544.html"
          },
          {
            "name": "[oss-security] 20101112 CVE request: ImageMagick opens config files in $CWD",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2010/11/13/1"
          },
          {
            "name": "48100",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48100"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-10-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-05T18:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "42497",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42497"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=652860"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601824"
        },
        {
          "name": "USN-1028-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1028-1"
        },
        {
          "name": "[oss-security] 20101115 Re: CVE request: ImageMagick opens config files in $CWD",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2010/11/15/3"
        },
        {
          "name": "42744",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42744"
        },
        {
          "name": "49063",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49063"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.imagemagick.org/script/changelog.php"
        },
        {
          "name": "45044",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/45044"
        },
        {
          "name": "FEDORA-2010-19025",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052515.html"
        },
        {
          "name": "ADV-2010-3322",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/3322"
        },
        {
          "name": "ADV-2010-3150",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/3150"
        },
        {
          "name": "FEDORA-2010-19056",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052599.html"
        },
        {
          "name": "RHSA-2012:0544",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-0544.html"
        },
        {
          "name": "[oss-security] 20101112 CVE request: ImageMagick opens config files in $CWD",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2010/11/13/1"
        },
        {
          "name": "48100",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48100"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2010-4167",
    "datePublished": "2010-11-22T19:00:00",
    "dateReserved": "2010-11-04T00:00:00",
    "dateUpdated": "2024-08-07T03:34:37.527Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-8561
Vulnerability from cvelistv5
Published
2019-12-15 21:34
Modified
2024-08-06 13:18
Severity ?
Summary
imagemagick 6.8.9.6 has remote DOS via infinite loop
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:18:48.439Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128944/ImageMagick-Out-Of-Bounds-Read-Heap-Overflow.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/CVE-2014-8561"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2014-8561"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/Nov/1"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/10/31/3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "imagemagick 6.8.9.6 has remote DOS via infinite loop"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-12-15T21:34:29",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128944/ImageMagick-Out-Of-Bounds-Read-Heap-Overflow.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security-tracker.debian.org/tracker/CVE-2014-8561"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2014-8561"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/Nov/1"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/10/31/3"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-8561",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "imagemagick 6.8.9.6 has remote DOS via infinite loop"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://packetstormsecurity.com/files/128944/ImageMagick-Out-Of-Bounds-Read-Heap-Overflow.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128944/ImageMagick-Out-Of-Bounds-Read-Heap-Overflow.html"
            },
            {
              "name": "https://security-tracker.debian.org/tracker/CVE-2014-8561",
              "refsource": "MISC",
              "url": "https://security-tracker.debian.org/tracker/CVE-2014-8561"
            },
            {
              "name": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2014-8561",
              "refsource": "MISC",
              "url": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2014-8561"
            },
            {
              "name": "http://seclists.org/fulldisclosure/2014/Nov/1",
              "refsource": "MISC",
              "url": "http://seclists.org/fulldisclosure/2014/Nov/1"
            },
            {
              "name": "http://www.openwall.com/lists/oss-security/2014/10/31/3",
              "refsource": "MISC",
              "url": "http://www.openwall.com/lists/oss-security/2014/10/31/3"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-8561",
    "datePublished": "2019-12-15T21:34:29",
    "dateReserved": "2014-10-30T00:00:00",
    "dateUpdated": "2024-08-06T13:18:48.439Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-13060
Vulnerability from cvelistv5
Published
2017-08-22 06:00
Modified
2024-08-05 18:58
Severity ?
Summary
In ImageMagick 7.0.6-5, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://security.gentoo.org/glsa/201711-07vendor-advisory, x_refsource_GENTOO
https://github.com/ImageMagick/ImageMagick/issues/644x_refsource_CONFIRM
http://www.securityfocus.com/bid/100469vdb-entry, x_refsource_BID
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:11.643Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/644"
          },
          {
            "name": "100469",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100469"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-5, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/644"
        },
        {
          "name": "100469",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100469"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-13060",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-5, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/644",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/644"
            },
            {
              "name": "100469",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100469"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-13060",
    "datePublished": "2017-08-22T06:00:00",
    "dateReserved": "2017-08-22T00:00:00",
    "dateUpdated": "2024-08-05T18:58:11.643Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-17682
Vulnerability from cvelistv5
Published
2017-12-14 06:00
Modified
2024-08-05 20:59
Severity ?
Summary
In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted wpg image file that triggers a ReadWPGImage call.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T20:59:17.536Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/870"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "[debian-lts-announce] 20180101 [SECURITY] [DLA 1227-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00000.html"
          },
          {
            "name": "102202",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102202"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted wpg image file that triggers a ReadWPGImage call."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:39",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/870"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "[debian-lts-announce] 20180101 [SECURITY] [DLA 1227-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00000.html"
        },
        {
          "name": "102202",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102202"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17682",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted wpg image file that triggers a ReadWPGImage call."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/870",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/870"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "[debian-lts-announce] 20180101 [SECURITY] [DLA 1227-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00000.html"
            },
            {
              "name": "102202",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102202"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17682",
    "datePublished": "2017-12-14T06:00:00",
    "dateReserved": "2017-12-13T00:00:00",
    "dateUpdated": "2024-08-05T20:59:17.536Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-16709
Vulnerability from cvelistv5
Published
2019-09-23 11:46
Modified
2024-08-05 01:17
Severity ?
Summary
ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:17:41.179Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1531"
          },
          {
            "name": "openSUSE-SU-2019:2317",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html"
          },
          {
            "name": "openSUSE-SU-2019:2321",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00046.html"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "openSUSE-SU-2019:2515",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
          },
          {
            "name": "openSUSE-SU-2019:2519",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-11-17T18:07:05",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1531"
        },
        {
          "name": "openSUSE-SU-2019:2317",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html"
        },
        {
          "name": "openSUSE-SU-2019:2321",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00046.html"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "openSUSE-SU-2019:2515",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
        },
        {
          "name": "openSUSE-SU-2019:2519",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-16709",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1531",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1531"
            },
            {
              "name": "openSUSE-SU-2019:2317",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html"
            },
            {
              "name": "openSUSE-SU-2019:2321",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00046.html"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "openSUSE-SU-2019:2515",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
            },
            {
              "name": "openSUSE-SU-2019:2519",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-16709",
    "datePublished": "2019-09-23T11:46:10",
    "dateReserved": "2019-09-23T00:00:00",
    "dateUpdated": "2024-08-05T01:17:41.179Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-17881
Vulnerability from cvelistv5
Published
2017-12-24 04:00
Modified
2024-08-05 21:06
Severity ?
Summary
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted MAT image file.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/878x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.387Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/878"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted MAT image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/878"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17881",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted MAT image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/878",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/878"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17881",
    "datePublished": "2017-12-24T04:00:00",
    "dateReserved": "2017-12-23T00:00:00",
    "dateUpdated": "2024-08-05T21:06:49.387Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12564
Vulnerability from cvelistv5
Published
2017-08-05 18:00
Modified
2024-08-05 18:43
Severity ?
Summary
In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:56.143Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "100161",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100161"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/601"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-09T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "100161",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100161"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/601"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12564",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "100161",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100161"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/601",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/601"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12564",
    "datePublished": "2017-08-05T18:00:00",
    "dateReserved": "2017-08-05T00:00:00",
    "dateUpdated": "2024-08-05T18:43:56.143Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-13059
Vulnerability from cvelistv5
Published
2017-08-22 06:00
Modified
2024-08-05 18:58
Severity ?
Summary
In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WriteOneJNGImage in coders/png.c, which allows attackers to cause a denial of service (WriteJNGImage memory consumption) via a crafted file.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://security.gentoo.org/glsa/201711-07vendor-advisory, x_refsource_GENTOO
http://www.securityfocus.com/bid/100457vdb-entry, x_refsource_BID
https://github.com/ImageMagick/ImageMagick/issues/667x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:11.439Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "name": "100457",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100457"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/667"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WriteOneJNGImage in coders/png.c, which allows attackers to cause a denial of service (WriteJNGImage memory consumption) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "name": "100457",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100457"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/667"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-13059",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WriteOneJNGImage in coders/png.c, which allows attackers to cause a denial of service (WriteJNGImage memory consumption) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "100457",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100457"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/667",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/667"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-13059",
    "datePublished": "2017-08-22T06:00:00",
    "dateReserved": "2017-08-22T00:00:00",
    "dateUpdated": "2024-08-05T18:58:11.439Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-17886
Vulnerability from cvelistv5
Published
2017-12-24 04:00
Modified
2024-08-05 21:06
Severity ?
Summary
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service via a crafted psd image file.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/874x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.298Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/874"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service via a crafted psd image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/874"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17886",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service via a crafted psd image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/874",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/874"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17886",
    "datePublished": "2017-12-24T04:00:00",
    "dateReserved": "2017-12-23T00:00:00",
    "dateUpdated": "2024-08-05T21:06:49.298Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9809
Vulnerability from cvelistv5
Published
2017-03-30 15:00
Modified
2024-08-06 13:55
Severity ?
Summary
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted xwd image.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.603Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343465"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=82f779cbc24045af2eaecb95d0842ca7b97c71f4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted xwd image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-30T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343465"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=82f779cbc24045af2eaecb95d0842ca7b97c71f4"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9809",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted xwd image."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343465",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343465"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=82f779cbc24045af2eaecb95d0842ca7b97c71f4",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=82f779cbc24045af2eaecb95d0842ca7b97c71f4"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9809",
    "datePublished": "2017-03-30T15:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.603Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-15277
Vulnerability from cvelistv5
Published
2017-10-12 08:00
Modified
2024-08-05 19:50
Severity ?
Summary
ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process that operates on interesting data, this data sometimes can be leaked via the uninitialized palette.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:50:16.492Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-4040",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4040"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/neex/gifoeb"
          },
          {
            "name": "DSA-4321",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4321"
          },
          {
            "name": "DSA-4032",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4032"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/592"
          },
          {
            "name": "[debian-lts-announce] 20180803 [SECURITY] [DLA 1456-1] graphicsmagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/9fd10cf630832b36a588c1545d8736539b2f1fb5"
          },
          {
            "name": "USN-4232-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4232-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-10-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process that operates on interesting data, this data sometimes can be leaked via the uninitialized palette."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-08T19:06:07",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-4040",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4040"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/neex/gifoeb"
        },
        {
          "name": "DSA-4321",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4321"
        },
        {
          "name": "DSA-4032",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4032"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/592"
        },
        {
          "name": "[debian-lts-announce] 20180803 [SECURITY] [DLA 1456-1] graphicsmagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/9fd10cf630832b36a588c1545d8736539b2f1fb5"
        },
        {
          "name": "USN-4232-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4232-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-15277",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process that operates on interesting data, this data sometimes can be leaked via the uninitialized palette."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-4040",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4040"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/neex/gifoeb",
              "refsource": "MISC",
              "url": "https://github.com/neex/gifoeb"
            },
            {
              "name": "DSA-4321",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4321"
            },
            {
              "name": "DSA-4032",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4032"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/592",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/592"
            },
            {
              "name": "[debian-lts-announce] 20180803 [SECURITY] [DLA 1456-1] graphicsmagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/9fd10cf630832b36a588c1545d8736539b2f1fb5",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/9fd10cf630832b36a588c1545d8736539b2f1fb5"
            },
            {
              "name": "USN-4232-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4232-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-15277",
    "datePublished": "2017-10-12T08:00:00",
    "dateReserved": "2017-10-11T00:00:00",
    "dateUpdated": "2024-08-05T19:50:16.492Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-8350
Vulnerability from cvelistv5
Published
2017-04-30 17:00
Modified
2024-08-05 16:34
Severity ?
Summary
In ImageMagick 7.0.5-5, the ReadJNGImage function in png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
References
https://github.com/ImageMagick/ImageMagick/issues/447x_refsource_CONFIRM
http://www.securityfocus.com/bid/98373vdb-entry, x_refsource_BID
http://www.debian.org/security/2017/dsa-3863vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:34:22.606Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/447"
          },
          {
            "name": "98373",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98373"
          },
          {
            "name": "DSA-3863",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3863"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-04-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-5, the ReadJNGImage function in png.c allows attackers to cause a denial of service (memory leak) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/447"
        },
        {
          "name": "98373",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98373"
        },
        {
          "name": "DSA-3863",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3863"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-8350",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-5, the ReadJNGImage function in png.c allows attackers to cause a denial of service (memory leak) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/447",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/447"
            },
            {
              "name": "98373",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98373"
            },
            {
              "name": "DSA-3863",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3863"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-8350",
    "datePublished": "2017-04-30T17:00:00",
    "dateReserved": "2017-04-30T00:00:00",
    "dateUpdated": "2024-08-05T16:34:22.606Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-18025
Vulnerability from cvelistv5
Published
2018-10-07 18:00
Modified
2024-08-05 11:01
Severity ?
Summary
In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the EncodeImage function of coders/pict.c, which allows attackers to cause a denial of service via a crafted SVG image file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T11:01:14.759Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[debian-lts-announce] 20181112 [SECURITY] [DLA 1574-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00014.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1335"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-10-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the EncodeImage function of coders/pict.c, which allows attackers to cause a denial of service via a crafted SVG image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:32",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[debian-lts-announce] 20181112 [SECURITY] [DLA 1574-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00014.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1335"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-18025",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the EncodeImage function of coders/pict.c, which allows attackers to cause a denial of service via a crafted SVG image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[debian-lts-announce] 20181112 [SECURITY] [DLA 1574-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00014.html"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1335",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1335"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-18025",
    "datePublished": "2018-10-07T18:00:00",
    "dateReserved": "2018-10-07T00:00:00",
    "dateUpdated": "2024-08-05T11:01:14.759Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9824
Vulnerability from cvelistv5
Published
2017-03-30 15:00
Modified
2024-08-06 13:55
Severity ?
Summary
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9825.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.589Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=09561d37839dbfa04e017eea14811312985095d8"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343480"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9825."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-30T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=09561d37839dbfa04e017eea14811312985095d8"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343480"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9824",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9825."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=09561d37839dbfa04e017eea14811312985095d8",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=09561d37839dbfa04e017eea14811312985095d8"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343480",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343480"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9824",
    "datePublished": "2017-03-30T15:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.589Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-5691
Vulnerability from cvelistv5
Published
2016-12-13 15:00
Modified
2024-08-06 01:08
Severity ?
Summary
The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3) pixel.blue.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:08:00.525Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "91283",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91283"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG%2C-DDS%2C-DCM.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/blob/7.0.1-7/ChangeLog"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/blob/6.9.4-5/ChangeLog"
          },
          {
            "name": "[oss-security] 20160617 Re: Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/17/3"
          },
          {
            "name": "[oss-security] 20160614 Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/14/5"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3) pixel.blue."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-13T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "91283",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/91283"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG%2C-DDS%2C-DCM.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/blob/7.0.1-7/ChangeLog"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/blob/6.9.4-5/ChangeLog"
        },
        {
          "name": "[oss-security] 20160617 Re: Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/17/3"
        },
        {
          "name": "[oss-security] 20160614 Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/14/5"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-5691",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3) pixel.blue."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "91283",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/91283"
            },
            {
              "name": "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG,-DDS,-DCM.html",
              "refsource": "MISC",
              "url": "https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG,-DDS,-DCM.html"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/5511ef530576ed18fd636baa3bb4eda3d667665d"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/blob/7.0.1-7/ChangeLog",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/blob/7.0.1-7/ChangeLog"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/blob/6.9.4-5/ChangeLog",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/blob/6.9.4-5/ChangeLog"
            },
            {
              "name": "[oss-security] 20160617 Re: Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/17/3"
            },
            {
              "name": "[oss-security] 20160614 Various invalid memory reads in ImageMagick (WPG, DDS, DCM)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/14/5"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-5691",
    "datePublished": "2016-12-13T15:00:00",
    "dateReserved": "2016-06-16T00:00:00",
    "dateUpdated": "2024-08-06T01:08:00.525Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11644
Vulnerability from cvelistv5
Published
2017-07-26 08:00
Modified
2024-08-05 18:12
Severity ?
Summary
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadMATImage() function in coders/mat.c.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:40.913Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "100014",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100014"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/587"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadMATImage() function in coders/mat.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-29T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "100014",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100014"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/587"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11644",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadMATImage() function in coders/mat.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "100014",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100014"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/587",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/587"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11644",
    "datePublished": "2017-07-26T08:00:00",
    "dateReserved": "2017-07-25T00:00:00",
    "dateUpdated": "2024-08-05T18:12:40.913Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9832
Vulnerability from cvelistv5
Published
2017-03-22 14:00
Modified
2024-08-06 13:55
Severity ?
Summary
Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file.
References
http://www.openwall.com/lists/oss-security/2016/06/02/13mailing-list, x_refsource_MLIST
http://www.openwall.com/lists/oss-security/2014/12/24/1mailing-list, x_refsource_MLIST
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.466Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-22T11:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9832",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9832",
    "datePublished": "2017-03-22T14:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.466Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9907
Vulnerability from cvelistv5
Published
2017-04-19 14:00
Modified
2024-08-06 14:02
Severity ?
Summary
coders/dds.c in ImageMagick allows remote attackers to cause a denial of service via a crafted DDS file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T14:02:36.615Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378734"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/504ada82b6fa38a30c846c1c29116af7290decb2"
          },
          {
            "name": "93231",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93231"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/21eae25a8db5fdcd112dbcfcd9e5c37e32d32e2f"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/d7325bac173492b358417a0ad49fabad44447d52"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/dds.c in ImageMagick allows remote attackers to cause a denial of service via a crafted DDS file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-20T09:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378734"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/504ada82b6fa38a30c846c1c29116af7290decb2"
        },
        {
          "name": "93231",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93231"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/21eae25a8db5fdcd112dbcfcd9e5c37e32d32e2f"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/d7325bac173492b358417a0ad49fabad44447d52"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2014-9907",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/dds.c in ImageMagick allows remote attackers to cause a denial of service via a crafted DDS file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378734",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378734"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/504ada82b6fa38a30c846c1c29116af7290decb2",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/504ada82b6fa38a30c846c1c29116af7290decb2"
            },
            {
              "name": "93231",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93231"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/21eae25a8db5fdcd112dbcfcd9e5c37e32d32e2f",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/21eae25a8db5fdcd112dbcfcd9e5c37e32d32e2f"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/d7325bac173492b358417a0ad49fabad44447d52",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/d7325bac173492b358417a0ad49fabad44447d52"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2014-9907",
    "datePublished": "2017-04-19T14:00:00",
    "dateReserved": "2016-09-22T00:00:00",
    "dateUpdated": "2024-08-06T14:02:36.615Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-15017
Vulnerability from cvelistv5
Published
2017-10-04 07:00
Modified
2024-08-05 19:42
Severity ?
Summary
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:42:22.266Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/723"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-10-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:39",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/723"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-15017",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/723",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/723"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-15017",
    "datePublished": "2017-10-04T07:00:00",
    "dateReserved": "2017-10-03T00:00:00",
    "dateUpdated": "2024-08-05T19:42:22.266Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10050
Vulnerability from cvelistv5
Published
2017-03-23 17:00
Modified
2024-08-06 03:07
Severity ?
Summary
Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:07:32.085Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "95185",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95185"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/73fb0aac5b958521e1511e179ecc0ad49f70ebaf"
          },
          {
            "name": "openSUSE-SU-2017:0391",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
          },
          {
            "name": "openSUSE-SU-2017:0399",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410454"
          },
          {
            "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/139d4323c40d7363bfdd2382c3821a6f76d69430"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-26T15:19:46",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "95185",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95185"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/73fb0aac5b958521e1511e179ecc0ad49f70ebaf"
        },
        {
          "name": "openSUSE-SU-2017:0391",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
        },
        {
          "name": "openSUSE-SU-2017:0399",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410454"
        },
        {
          "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/139d4323c40d7363bfdd2382c3821a6f76d69430"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10050",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "95185",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95185"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/73fb0aac5b958521e1511e179ecc0ad49f70ebaf",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/73fb0aac5b958521e1511e179ecc0ad49f70ebaf"
            },
            {
              "name": "openSUSE-SU-2017:0391",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
            },
            {
              "name": "openSUSE-SU-2017:0399",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410454",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410454"
            },
            {
              "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/139d4323c40d7363bfdd2382c3821a6f76d69430",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/139d4323c40d7363bfdd2382c3821a6f76d69430"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10050",
    "datePublished": "2017-03-23T17:00:00",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-08-06T03:07:32.085Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14173
Vulnerability from cvelistv5
Published
2017-09-07 06:00
Modified
2024-08-05 19:20
Severity ?
Summary
In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, an integer overflow might occur for the addition operation "GetQuantumRange(depth)+1" when "depth" is large, producing a smaller value than expected. As a result, an infinite loop would occur for a crafted TXT file that claims a very large "max_value" value.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:20:41.015Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/713"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/50f54462076648ac2e36c3f58f4dadd4babbf1c9"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, an integer overflow might occur for the addition operation \"GetQuantumRange(depth)+1\" when \"depth\" is large, producing a smaller value than expected. As a result, an infinite loop would occur for a crafted TXT file that claims a very large \"max_value\" value."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-07T20:49:30",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/713"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/50f54462076648ac2e36c3f58f4dadd4babbf1c9"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14173",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, an integer overflow might occur for the addition operation \"GetQuantumRange(depth)+1\" when \"depth\" is large, producing a smaller value than expected. As a result, an infinite loop would occur for a crafted TXT file that claims a very large \"max_value\" value."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/713",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/713"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/50f54462076648ac2e36c3f58f4dadd4babbf1c9",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/50f54462076648ac2e36c3f58f4dadd4babbf1c9"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14173",
    "datePublished": "2017-09-07T06:00:00",
    "dateReserved": "2017-09-07T00:00:00",
    "dateUpdated": "2024-08-05T19:20:41.015Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-3574
Vulnerability from cvelistv5
Published
2022-08-26 00:00
Modified
2024-08-03 17:01
Severity ?
Summary
A vulnerability was found in ImageMagick-7.0.11-5, where executing a crafted file with the convert command, ASAN detects memory leaks.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:01:08.128Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/3540"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/c6ad94fbb7b280f39c2fbbdc1c140e51b1b466e9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/cd7f9fb7751b0d59d5a74b12d971155caad5a792"
          },
          {
            "name": "FEDORA-2022-776925f086",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNVDNM4ZEIYPT3SLZHPYN7OG4CZLEXZJ/"
          },
          {
            "name": "FEDORA-2022-9b5bb11725",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5C6XAGUFPUF4SNVCI2T4OJK3EFIENBGP/"
          },
          {
            "name": "FEDORA-2022-0a0e4cb94a",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4Q6MJAMGHGB552KSFTQKXEKJVQNM4MCT/"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in ImageMagick-7.0.11-8, ImageMagick-6.9.12-8"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in ImageMagick-7.0.11-5, where executing a crafted file with the convert command, ASAN detects memory leaks."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-401",
              "description": "CWE-401 - Missing Release of Memory after Effective Lifetime",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://github.com/ImageMagick/ImageMagick/issues/3540"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick/commit/c6ad94fbb7b280f39c2fbbdc1c140e51b1b466e9"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/cd7f9fb7751b0d59d5a74b12d971155caad5a792"
        },
        {
          "name": "FEDORA-2022-776925f086",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNVDNM4ZEIYPT3SLZHPYN7OG4CZLEXZJ/"
        },
        {
          "name": "FEDORA-2022-9b5bb11725",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5C6XAGUFPUF4SNVCI2T4OJK3EFIENBGP/"
        },
        {
          "name": "FEDORA-2022-0a0e4cb94a",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4Q6MJAMGHGB552KSFTQKXEKJVQNM4MCT/"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2021-3574",
    "datePublished": "2022-08-26T00:00:00",
    "dateReserved": "2021-06-02T00:00:00",
    "dateUpdated": "2024-08-03T17:01:08.128Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9848
Vulnerability from cvelistv5
Published
2017-03-20 16:00
Modified
2024-08-06 13:55
Severity ?
Summary
Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.556Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "openSUSE-SU-2016:1833",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
          },
          {
            "name": "openSUSE-SU-2017:0023",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00006.html"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "openSUSE-SU-2016:1748",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
          },
          {
            "name": "SUSE-SU-2016:1784",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
          },
          {
            "name": "SUSE-SU-2016:3258",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00093.html"
          },
          {
            "name": "USN-3131-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3131-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343507"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-20T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "openSUSE-SU-2016:1833",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
        },
        {
          "name": "openSUSE-SU-2017:0023",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00006.html"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "openSUSE-SU-2016:1748",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
        },
        {
          "name": "SUSE-SU-2016:1784",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
        },
        {
          "name": "SUSE-SU-2016:3258",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00093.html"
        },
        {
          "name": "USN-3131-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3131-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343507"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9848",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "openSUSE-SU-2016:1833",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
            },
            {
              "name": "openSUSE-SU-2017:0023",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00006.html"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "openSUSE-SU-2016:1748",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
            },
            {
              "name": "SUSE-SU-2016:1784",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
            },
            {
              "name": "SUSE-SU-2016:3258",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00093.html"
            },
            {
              "name": "USN-3131-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3131-1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343507",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343507"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9848",
    "datePublished": "2017-03-20T16:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.556Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-25674
Vulnerability from cvelistv5
Published
2020-12-08 00:00
Modified
2024-08-04 15:40
Severity ?
Summary
WriteOnePNGImage() from coders/png.c (the PNG coder) has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. This occurs because it is possible for the colormap to have less than 256 valid values but the loop condition will loop 256 times, attempting to pass invalid colormap data to the event logger. The patch replaces the hardcoded 256 value with a call to MagickMin() to ensure the proper value is used. This could impact application availability when a specially crafted input file is processed by ImageMagick. This flaw affects ImageMagick versions prior to 7.0.8-68.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:40:36.789Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891928"
          },
          {
            "name": "[debian-lts-announce] 20210112 [SECURITY] [DLA 2523-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "prior to 7.0.8-68"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "WriteOnePNGImage() from coders/png.c (the PNG coder) has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. This occurs because it is possible for the colormap to have less than 256 valid values but the loop condition will loop 256 times, attempting to pass invalid colormap data to the event logger. The patch replaces the hardcoded 256 value with a call to MagickMin() to ensure the proper value is used. This could impact application availability when a specially crafted input file is processed by ImageMagick. This flaw affects ImageMagick versions prior to 7.0.8-68."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122-\u003eCWE-125",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891928"
        },
        {
          "name": "[debian-lts-announce] 20210112 [SECURITY] [DLA 2523-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-25674",
    "datePublished": "2020-12-08T00:00:00",
    "dateReserved": "2020-09-16T00:00:00",
    "dateUpdated": "2024-08-04T15:40:36.789Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-9298
Vulnerability from cvelistv5
Published
2017-01-27 22:01
Modified
2024-08-06 02:50
Severity ?
Summary
Heap overflow in the WaveletDenoiseImage function in MagickCore/fx.c in ImageMagick before 6.9.6-4 and 7.x before 7.0.3-6 allows remote attackers to cause a denial of service (crash) via a crafted image.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:50:36.727Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/3cbfb163cff9e5b8cdeace8312e9bfee810ed02b"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/296"
          },
          {
            "name": "94310",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/94310"
          },
          {
            "name": "GLSA-201702-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201702-09"
          },
          {
            "name": "[oss-security] 20161114 Re: Imagemagick heap overflow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/11/14/10"
          },
          {
            "name": "[oss-security] 20161113 Imagemagick heap overflow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/11/13/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-10-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap overflow in the WaveletDenoiseImage function in MagickCore/fx.c in ImageMagick before 6.9.6-4 and 7.x before 7.0.3-6 allows remote attackers to cause a denial of service (crash) via a crafted image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-06-30T16:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/3cbfb163cff9e5b8cdeace8312e9bfee810ed02b"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/296"
        },
        {
          "name": "94310",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/94310"
        },
        {
          "name": "GLSA-201702-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201702-09"
        },
        {
          "name": "[oss-security] 20161114 Re: Imagemagick heap overflow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/11/14/10"
        },
        {
          "name": "[oss-security] 20161113 Imagemagick heap overflow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/11/13/1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-9298",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap overflow in the WaveletDenoiseImage function in MagickCore/fx.c in ImageMagick before 6.9.6-4 and 7.x before 7.0.3-6 allows remote attackers to cause a denial of service (crash) via a crafted image."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/3cbfb163cff9e5b8cdeace8312e9bfee810ed02b",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/3cbfb163cff9e5b8cdeace8312e9bfee810ed02b"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/296",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/296"
            },
            {
              "name": "94310",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/94310"
            },
            {
              "name": "GLSA-201702-09",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201702-09"
            },
            {
              "name": "[oss-security] 20161114 Re: Imagemagick heap overflow",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/11/14/10"
            },
            {
              "name": "[oss-security] 20161113 Imagemagick heap overflow",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/11/13/1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-9298",
    "datePublished": "2017-01-27T22:01:00",
    "dateReserved": "2016-11-14T00:00:00",
    "dateUpdated": "2024-08-06T02:50:36.727Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0827
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:31
Severity ?
Summary
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:31:47.850Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:11123",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123"
          },
          {
            "name": "ADV-2008-0412",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0412"
          },
          {
            "name": "201006",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1"
          },
          {
            "name": "DSA-547",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-547"
          },
          {
            "name": "RHSA-2004:494",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-494.html"
          },
          {
            "name": "RHSA-2004:480",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-480.html"
          },
          {
            "name": "231321",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
          },
          {
            "name": "imagemagick-bmp-Bo(17173)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17173"
          },
          {
            "name": "28800",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28800"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-09-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:11123",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123"
        },
        {
          "name": "ADV-2008-0412",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0412"
        },
        {
          "name": "201006",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1"
        },
        {
          "name": "DSA-547",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-547"
        },
        {
          "name": "RHSA-2004:494",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-494.html"
        },
        {
          "name": "RHSA-2004:480",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-480.html"
        },
        {
          "name": "231321",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
        },
        {
          "name": "imagemagick-bmp-Bo(17173)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17173"
        },
        {
          "name": "28800",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28800"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0827",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:11123",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123"
            },
            {
              "name": "ADV-2008-0412",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0412"
            },
            {
              "name": "201006",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1"
            },
            {
              "name": "DSA-547",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-547"
            },
            {
              "name": "RHSA-2004:494",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-494.html"
            },
            {
              "name": "RHSA-2004:480",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-480.html"
            },
            {
              "name": "231321",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
            },
            {
              "name": "imagemagick-bmp-Bo(17173)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17173"
            },
            {
              "name": "28800",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28800"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0827",
    "datePublished": "2004-09-24T04:00:00",
    "dateReserved": "2004-09-02T00:00:00",
    "dateUpdated": "2024-08-08T00:31:47.850Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-7941
Vulnerability from cvelistv5
Published
2017-04-18 19:00
Modified
2024-08-05 16:19
Severity ?
Summary
The ReadSGIImage function in sgi.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.
References
https://github.com/ImageMagick/ImageMagick/issues/428x_refsource_CONFIRM
http://www.securityfocus.com/bid/97944vdb-entry, x_refsource_BID
http://www.debian.org/security/2017/dsa-3863vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:19:29.319Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/428"
          },
          {
            "name": "97944",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/97944"
          },
          {
            "name": "DSA-3863",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3863"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-04-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadSGIImage function in sgi.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/428"
        },
        {
          "name": "97944",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/97944"
        },
        {
          "name": "DSA-3863",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3863"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-7941",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadSGIImage function in sgi.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/428",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/428"
            },
            {
              "name": "97944",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/97944"
            },
            {
              "name": "DSA-3863",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3863"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-7941",
    "datePublished": "2017-04-18T19:00:00",
    "dateReserved": "2017-04-18T00:00:00",
    "dateUpdated": "2024-08-05T16:19:29.319Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11537
Vulnerability from cvelistv5
Published
2017-07-23 03:00
Modified
2024-08-05 18:12
Severity ?
Summary
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Floating Point Exception (FPE) in the WritePALMImage() function in coders/palm.c, related to an incorrect bits-per-pixel calculation.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://www.debian.org/security/2017/dsa-4019vendor-advisory, x_refsource_DEBIAN
https://github.com/ImageMagick/ImageMagick/issues/560x_refsource_CONFIRM
https://lists.debian.org/debian-lts-announce/2019/05/msg00015.htmlmailing-list, x_refsource_MLIST
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:40.177Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "DSA-4019",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4019"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/560"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Floating Point Exception (FPE) in the WritePALMImage() function in coders/palm.c, related to an incorrect bits-per-pixel calculation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-14T12:06:09",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "DSA-4019",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4019"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/560"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11537",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Floating Point Exception (FPE) in the WritePALMImage() function in coders/palm.c, related to an incorrect bits-per-pixel calculation."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "DSA-4019",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4019"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/560",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/560"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11537",
    "datePublished": "2017-07-23T03:00:00",
    "dateReserved": "2017-07-22T00:00:00",
    "dateUpdated": "2024-08-05T18:12:40.177Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14172
Vulnerability from cvelistv5
Published
2017-09-07 06:00
Modified
2024-08-05 19:20
Severity ?
Summary
In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "extent" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:20:41.161Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/715"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/bdbbb13f1fe9b7e2465502c500561720f7456aac"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large \"extent\" field in the header but does not contain sufficient backing data, is provided, the loop over \"length\" would consume huge CPU resources, since there is no EOF check inside the loop."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-07T20:45:42",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/715"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/bdbbb13f1fe9b7e2465502c500561720f7456aac"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14172",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large \"extent\" field in the header but does not contain sufficient backing data, is provided, the loop over \"length\" would consume huge CPU resources, since there is no EOF check inside the loop."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/715",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/715"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/bdbbb13f1fe9b7e2465502c500561720f7456aac",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/bdbbb13f1fe9b7e2465502c500561720f7456aac"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14172",
    "datePublished": "2017-09-07T06:00:00",
    "dateReserved": "2017-09-07T00:00:00",
    "dateUpdated": "2024-08-05T19:20:41.161Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12876
Vulnerability from cvelistv5
Published
2017-08-28 19:00
Modified
2024-08-05 18:51
Severity ?
Summary
Heap-based buffer overflow in enhance.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:51:06.775Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://blogs.gentoo.org/ago/2017/08/10/imagemagick-heap-based-buffer-overflow-in-omp_outlined-32-enhance-c/"
          },
          {
            "name": "[oss-security] 20170816 imagemagick: heap-based buffer overflow in .omp_outlined..32 (enhance.c)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2017/08/16/3"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/1cc6f0ccc92c20c7cab6c4a7335daf29c91f0d8e"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in enhance.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-12T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://blogs.gentoo.org/ago/2017/08/10/imagemagick-heap-based-buffer-overflow-in-omp_outlined-32-enhance-c/"
        },
        {
          "name": "[oss-security] 20170816 imagemagick: heap-based buffer overflow in .omp_outlined..32 (enhance.c)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2017/08/16/3"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/1cc6f0ccc92c20c7cab6c4a7335daf29c91f0d8e"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12876",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in enhance.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://blogs.gentoo.org/ago/2017/08/10/imagemagick-heap-based-buffer-overflow-in-omp_outlined-32-enhance-c/",
              "refsource": "MISC",
              "url": "https://blogs.gentoo.org/ago/2017/08/10/imagemagick-heap-based-buffer-overflow-in-omp_outlined-32-enhance-c/"
            },
            {
              "name": "[oss-security] 20170816 imagemagick: heap-based buffer overflow in .omp_outlined..32 (enhance.c)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2017/08/16/3"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/1cc6f0ccc92c20c7cab6c4a7335daf29c91f0d8e",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/1cc6f0ccc92c20c7cab6c4a7335daf29c91f0d8e"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12876",
    "datePublished": "2017-08-28T19:00:00",
    "dateReserved": "2017-08-15T00:00:00",
    "dateUpdated": "2024-08-05T18:51:06.775Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27762
Vulnerability from cvelistv5
Published
2020-12-03 00:00
Modified
2024-08-04 16:18
Severity ?
Summary
A flaw was found in ImageMagick in coders/hdr.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to ImageMagick 7.0.8-68.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.682Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894680"
          },
          {
            "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 7.0.8-68"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in ImageMagick in coders/hdr.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to ImageMagick 7.0.8-68."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894680"
        },
        {
          "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27762",
    "datePublished": "2020-12-03T00:00:00",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.682Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-20176
Vulnerability from cvelistv5
Published
2021-02-05 00:00
Modified
2024-08-03 17:30
Severity ?
Summary
A divide-by-zero flaw was found in ImageMagick 6.9.11-57 and 7.0.10-57 in gem.c. This flaw allows an attacker who submits a crafted file that is processed by ImageMagick to trigger undefined behavior through a division by zero. The highest threat from this vulnerability is to system availability.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:30:07.469Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1916610"
          },
          {
            "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
          },
          {
            "name": "[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "6.9.11-57, 7.0.10-57"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A divide-by-zero flaw was found in ImageMagick 6.9.11-57 and 7.0.10-57 in gem.c. This flaw allows an attacker who submits a crafted file that is processed by ImageMagick to trigger undefined behavior through a division by zero. The highest threat from this vulnerability is to system availability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-369",
              "description": "CWE-369",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-22T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1916610"
        },
        {
          "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
        },
        {
          "name": "[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2021-20176",
    "datePublished": "2021-02-05T00:00:00",
    "dateReserved": "2020-12-17T00:00:00",
    "dateUpdated": "2024-08-03T17:30:07.469Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-11472
Vulnerability from cvelistv5
Published
2019-04-23 13:55
Modified
2024-08-04 22:55
Severity ?
Summary
ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:55:40.380Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1546"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/f663dfb8431c97d95682a2b533cca1c8233d21b4"
          },
          {
            "name": "openSUSE-SU-2019:1603",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          },
          {
            "name": "FEDORA-2019-da4c20882c",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/"
          },
          {
            "name": "FEDORA-2019-425a1aa7c9",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/"
          },
          {
            "name": "openSUSE-SU-2019:1683",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          },
          {
            "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-19T01:06:22",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1546"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/f663dfb8431c97d95682a2b533cca1c8233d21b4"
        },
        {
          "name": "openSUSE-SU-2019:1603",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        },
        {
          "name": "FEDORA-2019-da4c20882c",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/"
        },
        {
          "name": "FEDORA-2019-425a1aa7c9",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/"
        },
        {
          "name": "openSUSE-SU-2019:1683",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        },
        {
          "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-11472",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1546",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1546"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick6/commit/f663dfb8431c97d95682a2b533cca1c8233d21b4",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick6/commit/f663dfb8431c97d95682a2b533cca1c8233d21b4"
            },
            {
              "name": "openSUSE-SU-2019:1603",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            },
            {
              "name": "FEDORA-2019-da4c20882c",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/"
            },
            {
              "name": "FEDORA-2019-425a1aa7c9",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/"
            },
            {
              "name": "openSUSE-SU-2019:1683",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            },
            {
              "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-11472",
    "datePublished": "2019-04-23T13:55:18",
    "dateReserved": "2019-04-23T00:00:00",
    "dateUpdated": "2024-08-04T22:55:40.380Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-8958
Vulnerability from cvelistv5
Published
2017-04-20 18:00
Modified
2024-08-06 08:36
Severity ?
Summary
coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted SUN file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:36:31.310Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/1aa0c6dab6dcef4d9bc3571866ae1c1ddbec7d8f"
          },
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26857"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/6b4aff0f117b978502ee5bcd6e753c17aec5a961"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/b8f17d08b7418204bf8a05a5c24e87b2fc395b75"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/8ea44b48a182dd46d018f4b4f09a5e2ee9638105"
          },
          {
            "name": "93124",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93124"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378736"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-01-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted SUN file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-20T17:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/1aa0c6dab6dcef4d9bc3571866ae1c1ddbec7d8f"
        },
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26857"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/6b4aff0f117b978502ee5bcd6e753c17aec5a961"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/b8f17d08b7418204bf8a05a5c24e87b2fc395b75"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/8ea44b48a182dd46d018f4b4f09a5e2ee9638105"
        },
        {
          "name": "93124",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93124"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378736"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2015-8958",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted SUN file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/1aa0c6dab6dcef4d9bc3571866ae1c1ddbec7d8f",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/1aa0c6dab6dcef4d9bc3571866ae1c1ddbec7d8f"
            },
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26857",
              "refsource": "CONFIRM",
              "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26857"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/6b4aff0f117b978502ee5bcd6e753c17aec5a961",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/6b4aff0f117b978502ee5bcd6e753c17aec5a961"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/b8f17d08b7418204bf8a05a5c24e87b2fc395b75",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/b8f17d08b7418204bf8a05a5c24e87b2fc395b75"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/8ea44b48a182dd46d018f4b4f09a5e2ee9638105",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/8ea44b48a182dd46d018f4b4f09a5e2ee9638105"
            },
            {
              "name": "93124",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93124"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378736",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378736"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2015-8958",
    "datePublished": "2017-04-20T18:00:00",
    "dateReserved": "2016-09-20T00:00:00",
    "dateUpdated": "2024-08-06T08:36:31.310Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-16644
Vulnerability from cvelistv5
Published
2018-09-06 22:00
Modified
2024-08-05 10:32
Severity ?
Summary
There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T10:32:53.054Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/16916c8979c32765c542e216b31cee2671b7afe7"
          },
          {
            "name": "[debian-lts-announce] 20181003 [SECURITY] [DLA 1530-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00002.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/afa878a689870c28b6994ecf3bb8dbfb2b76d135"
          },
          {
            "name": "DSA-4316",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4316"
          },
          {
            "name": "USN-3785-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3785-1/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1269"
          },
          {
            "name": "openSUSE-SU-2019:1320",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-09-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-06-25T14:06:15",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/16916c8979c32765c542e216b31cee2671b7afe7"
        },
        {
          "name": "[debian-lts-announce] 20181003 [SECURITY] [DLA 1530-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00002.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/afa878a689870c28b6994ecf3bb8dbfb2b76d135"
        },
        {
          "name": "DSA-4316",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4316"
        },
        {
          "name": "USN-3785-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3785-1/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1269"
        },
        {
          "name": "openSUSE-SU-2019:1320",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-16644",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/16916c8979c32765c542e216b31cee2671b7afe7",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/16916c8979c32765c542e216b31cee2671b7afe7"
            },
            {
              "name": "[debian-lts-announce] 20181003 [SECURITY] [DLA 1530-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00002.html"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/afa878a689870c28b6994ecf3bb8dbfb2b76d135",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/afa878a689870c28b6994ecf3bb8dbfb2b76d135"
            },
            {
              "name": "DSA-4316",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4316"
            },
            {
              "name": "USN-3785-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3785-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1269",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1269"
            },
            {
              "name": "openSUSE-SU-2019:1320",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-16644",
    "datePublished": "2018-09-06T22:00:00",
    "dateReserved": "2018-09-06T00:00:00",
    "dateUpdated": "2024-08-05T10:32:53.054Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27751
Vulnerability from cvelistv5
Published
2020-12-08 00:00
Modified
2024-08-04 16:18
Severity ?
Summary
A flaw was found in ImageMagick in MagickCore/quantum-export.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned long long` as well as a shift exponent that is too large for 64-bit type. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.665Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891994"
          },
          {
            "name": "[debian-lts-announce] 20210603 [SECURITY] [DLA 2672-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "prior to 7.0.9-0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in ImageMagick in MagickCore/quantum-export.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned long long` as well as a shift exponent that is too large for 64-bit type. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891994"
        },
        {
          "name": "[debian-lts-announce] 20210603 [SECURITY] [DLA 2672-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27751",
    "datePublished": "2020-12-08T00:00:00",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.665Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27829
Vulnerability from cvelistv5
Published
2021-03-26 16:49
Modified
2024-08-04 16:25
Severity ?
Summary
A heap based buffer overflow in coders/tiff.c may result in program crash and denial of service in ImageMagick before 7.0.10-45.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:25:43.629Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922525"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/6ee5059cd3ac8d82714a1ab1321399b88539abf0"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 7.0.10-45"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A heap based buffer overflow in coders/tiff.c may result in program crash and denial of service in ImageMagick before 7.0.10-45."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-03-26T16:49:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922525"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/6ee5059cd3ac8d82714a1ab1321399b88539abf0"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2020-27829",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ImageMagick",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "ImageMagick 7.0.10-45"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A heap based buffer overflow in coders/tiff.c may result in program crash and denial of service in ImageMagick before 7.0.10-45."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-122"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1922525",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922525"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/6ee5059cd3ac8d82714a1ab1321399b88539abf0",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/6ee5059cd3ac8d82714a1ab1321399b88539abf0"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27829",
    "datePublished": "2021-03-26T16:49:00",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:25:43.629Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-4562
Vulnerability from cvelistv5
Published
2016-06-04 16:00
Modified
2024-08-06 00:32
Severity ?
Summary
The DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of certain vertices integer data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:32:25.716Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/script/changelog.php"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-05-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of certain vertices integer data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-09-20T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.imagemagick.org/script/changelog.php"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-4562",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of certain vertices integer data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950"
            },
            {
              "name": "http://www.imagemagick.org/script/changelog.php",
              "refsource": "CONFIRM",
              "url": "http://www.imagemagick.org/script/changelog.php"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-4562",
    "datePublished": "2016-06-04T16:00:00",
    "dateReserved": "2016-05-06T00:00:00",
    "dateUpdated": "2024-08-06T00:32:25.716Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-8354
Vulnerability from cvelistv5
Published
2017-04-11 19:00
Modified
2024-08-06 13:18
Severity ?
Summary
The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:18:48.043Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1158518"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/128944/ImageMagick-Out-Of-Bounds-Read-Heap-Overflow.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://int21.de/cve/CVE-2014-8354-ImageMagick-oob-heap-overflow.html"
          },
          {
            "name": "70830",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/70830"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-11-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-11T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1158518"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/128944/ImageMagick-Out-Of-Bounds-Read-Heap-Overflow.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://int21.de/cve/CVE-2014-8354-ImageMagick-oob-heap-overflow.html"
        },
        {
          "name": "70830",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/70830"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-8354",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1158518",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1158518"
            },
            {
              "name": "http://packetstormsecurity.com/files/128944/ImageMagick-Out-Of-Bounds-Read-Heap-Overflow.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/128944/ImageMagick-Out-Of-Bounds-Read-Heap-Overflow.html"
            },
            {
              "name": "https://int21.de/cve/CVE-2014-8354-ImageMagick-oob-heap-overflow.html",
              "refsource": "MISC",
              "url": "https://int21.de/cve/CVE-2014-8354-ImageMagick-oob-heap-overflow.html"
            },
            {
              "name": "70830",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/70830"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-8354",
    "datePublished": "2017-04-11T19:00:00",
    "dateReserved": "2014-10-20T00:00:00",
    "dateUpdated": "2024-08-06T13:18:48.043Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-1958
Vulnerability from cvelistv5
Published
2020-02-06 14:58
Modified
2024-08-06 09:58
Severity ?
Summary
Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:58:15.585Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://trac.imagemagick.org/changeset/14801"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/02/13/2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/02/13/5"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00032.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00039.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-2132-1"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.openwall.com/lists/oss-security/2014/02/19/13"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-02-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-06T14:58:59",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://trac.imagemagick.org/changeset/14801"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/02/13/2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/02/13/5"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00032.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00039.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://ubuntu.com/usn/usn-2132-1"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.openwall.com/lists/oss-security/2014/02/19/13"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-1958",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://trac.imagemagick.org/changeset/14801",
              "refsource": "CONFIRM",
              "url": "http://trac.imagemagick.org/changeset/14801"
            },
            {
              "name": "http://www.openwall.com/lists/oss-security/2014/02/13/2",
              "refsource": "MISC",
              "url": "http://www.openwall.com/lists/oss-security/2014/02/13/2"
            },
            {
              "name": "http://www.openwall.com/lists/oss-security/2014/02/13/5",
              "refsource": "MISC",
              "url": "http://www.openwall.com/lists/oss-security/2014/02/13/5"
            },
            {
              "name": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00032.html",
              "refsource": "CONFIRM",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00032.html"
            },
            {
              "name": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00039.html",
              "refsource": "CONFIRM",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00039.html"
            },
            {
              "name": "http://ubuntu.com/usn/usn-2132-1",
              "refsource": "CONFIRM",
              "url": "http://ubuntu.com/usn/usn-2132-1"
            },
            {
              "name": "https://www.openwall.com/lists/oss-security/2014/02/19/13",
              "refsource": "MISC",
              "url": "https://www.openwall.com/lists/oss-security/2014/02/19/13"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-1958",
    "datePublished": "2020-02-06T14:58:59",
    "dateReserved": "2014-02-13T00:00:00",
    "dateUpdated": "2024-08-06T09:58:15.585Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-17966
Vulnerability from cvelistv5
Published
2018-10-03 18:00
Modified
2024-08-05 11:01
Severity ?
Summary
ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePDBImage in coders/pdb.c.
References
https://github.com/ImageMagick/ImageMagick/issues/1050x_refsource_MISC
https://usn.ubuntu.com/4034-1/vendor-advisory, x_refsource_UBUNTU
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T11:01:14.669Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1050"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-10-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePDBImage in coders/pdb.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-06-25T14:06:15",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1050"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-17966",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePDBImage in coders/pdb.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1050",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1050"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-17966",
    "datePublished": "2018-10-03T18:00:00",
    "dateReserved": "2018-10-03T00:00:00",
    "dateUpdated": "2024-08-05T11:01:14.669Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9839
Vulnerability from cvelistv5
Published
2017-03-22 14:00
Modified
2024-08-06 13:55
Severity ?
Summary
magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access).
References
http://www.openwall.com/lists/oss-security/2016/06/02/13mailing-list, x_refsource_MLIST
http://www.openwall.com/lists/oss-security/2014/12/24/1mailing-list, x_refsource_MLIST
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.607Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-22T11:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9839",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9839",
    "datePublished": "2017-03-22T14:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.607Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-17934
Vulnerability from cvelistv5
Published
2017-12-27 07:00
Modified
2024-08-05 21:06
Severity ?
Summary
ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with mishandling of MSLPushImage calls.
References
https://github.com/ImageMagick/ImageMagick/issues/920x_refsource_CONFIRM
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
http://www.securityfocus.com/bid/102314vdb-entry, x_refsource_BID
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:06:49.721Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/920"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "102314",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102314"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with mishandling of MSLPushImage calls."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/920"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "102314",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102314"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17934",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with mishandling of MSLPushImage calls."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/920",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/920"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "102314",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102314"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17934",
    "datePublished": "2017-12-27T07:00:00",
    "dateReserved": "2017-12-27T00:00:00",
    "dateUpdated": "2024-08-05T21:06:49.721Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-9559
Vulnerability from cvelistv5
Published
2017-03-01 15:00
Modified
2024-08-06 02:50
Severity ?
Summary
coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:50:38.606Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "94489",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/94489"
          },
          {
            "name": "[oss-security] 20161122 Re: imagemagick: null pointer must never be null (tiff.c)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/11/23/4"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/b61d35eaccc0a7ddeff8a1c3abfcd0a43ccf210b"
          },
          {
            "name": "[oss-security] 20161119 imagemagick: null pointer must never be null (tiff.c)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/11/19/7"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/298"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://blogs.gentoo.org/ago/2016/11/19/imagemagick-null-pointer-must-never-be-null-tiff-c/"
          },
          {
            "name": "DSA-3726",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3726"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-11-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "94489",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/94489"
        },
        {
          "name": "[oss-security] 20161122 Re: imagemagick: null pointer must never be null (tiff.c)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/11/23/4"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/b61d35eaccc0a7ddeff8a1c3abfcd0a43ccf210b"
        },
        {
          "name": "[oss-security] 20161119 imagemagick: null pointer must never be null (tiff.c)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/11/19/7"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/298"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://blogs.gentoo.org/ago/2016/11/19/imagemagick-null-pointer-must-never-be-null-tiff-c/"
        },
        {
          "name": "DSA-3726",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3726"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-9559",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "94489",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/94489"
            },
            {
              "name": "[oss-security] 20161122 Re: imagemagick: null pointer must never be null (tiff.c)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/11/23/4"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/b61d35eaccc0a7ddeff8a1c3abfcd0a43ccf210b",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/b61d35eaccc0a7ddeff8a1c3abfcd0a43ccf210b"
            },
            {
              "name": "[oss-security] 20161119 imagemagick: null pointer must never be null (tiff.c)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/11/19/7"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/298",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/298"
            },
            {
              "name": "https://blogs.gentoo.org/ago/2016/11/19/imagemagick-null-pointer-must-never-be-null-tiff-c/",
              "refsource": "MISC",
              "url": "https://blogs.gentoo.org/ago/2016/11/19/imagemagick-null-pointer-must-never-be-null-tiff-c/"
            },
            {
              "name": "DSA-3726",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3726"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-9559",
    "datePublished": "2017-03-01T15:00:00",
    "dateReserved": "2016-11-22T00:00:00",
    "dateUpdated": "2024-08-06T02:50:38.606Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10057
Vulnerability from cvelistv5
Published
2017-03-23 17:00
Modified
2024-08-06 03:07
Severity ?
Summary
Buffer overflow in the WriteGROUP4Image function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:07:32.016Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410466"
          },
          {
            "name": "95192",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95192"
          },
          {
            "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/eedd0c35bb2d8af7aa05f215689fdebd11633fa1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the WriteGROUP4Image function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-14T20:36:20",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410466"
        },
        {
          "name": "95192",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95192"
        },
        {
          "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/eedd0c35bb2d8af7aa05f215689fdebd11633fa1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10057",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the WriteGROUP4Image function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410466",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410466"
            },
            {
              "name": "95192",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95192"
            },
            {
              "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/eedd0c35bb2d8af7aa05f215689fdebd11633fa1",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/eedd0c35bb2d8af7aa05f215689fdebd11633fa1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10057",
    "datePublished": "2017-03-23T17:00:00",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-08-06T03:07:32.016Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-14436
Vulnerability from cvelistv5
Published
2018-07-20 00:00
Modified
2024-08-05 09:29
Severity ?
Summary
ImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in coders/miff.c.
References
https://github.com/ImageMagick/ImageMagick/issues/1191x_refsource_MISC
https://usn.ubuntu.com/3785-1/vendor-advisory, x_refsource_UBUNTU
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:29:51.148Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1191"
          },
          {
            "name": "USN-3785-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3785-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-07-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in coders/miff.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-05T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1191"
        },
        {
          "name": "USN-3785-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3785-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-14436",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in coders/miff.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1191",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1191"
            },
            {
              "name": "USN-3785-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3785-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-14436",
    "datePublished": "2018-07-20T00:00:00",
    "dateReserved": "2018-07-19T00:00:00",
    "dateUpdated": "2024-08-05T09:29:51.148Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-13299
Vulnerability from cvelistv5
Published
2019-07-05 00:52
Modified
2024-08-04 23:49
Severity ?
Summary
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/pixel-accessor.h in GetPixelChannel.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:49:24.506Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1610"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/8187d2d8fd010d2d6b1a3a8edd935beec404dddc"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/pixel-accessor.h in GetPixelChannel."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-21T14:06:17",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1610"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/8187d2d8fd010d2d6b1a3a8edd935beec404dddc"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13299",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/pixel-accessor.h in GetPixelChannel."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1610",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1610"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/8187d2d8fd010d2d6b1a3a8edd935beec404dddc",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/8187d2d8fd010d2d6b1a3a8edd935beec404dddc"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13299",
    "datePublished": "2019-07-05T00:52:07",
    "dateReserved": "2019-07-04T00:00:00",
    "dateUpdated": "2024-08-04T23:49:24.506Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10144
Vulnerability from cvelistv5
Published
2017-03-24 15:00
Modified
2024-08-06 03:14
Severity ?
Summary
coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:14:42.250Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2017/01/16/6"
          },
          {
            "name": "95750",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95750"
          },
          {
            "name": "GLSA-201702-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201702-09"
          },
          {
            "name": "DSA-3799",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3799"
          },
          {
            "name": "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2017/01/17/5"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/97566cf2806c0a5a86e884c96831a0c3b1ec6c20"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851485"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-01-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2017/01/16/6"
        },
        {
          "name": "95750",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95750"
        },
        {
          "name": "GLSA-201702-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201702-09"
        },
        {
          "name": "DSA-3799",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3799"
        },
        {
          "name": "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2017/01/17/5"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/97566cf2806c0a5a86e884c96831a0c3b1ec6c20"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851485"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-10144",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2017/01/16/6"
            },
            {
              "name": "95750",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95750"
            },
            {
              "name": "GLSA-201702-09",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201702-09"
            },
            {
              "name": "DSA-3799",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3799"
            },
            {
              "name": "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2017/01/17/5"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/97566cf2806c0a5a86e884c96831a0c3b1ec6c20",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/97566cf2806c0a5a86e884c96831a0c3b1ec6c20"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851485",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851485"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-10144",
    "datePublished": "2017-03-24T15:00:00",
    "dateReserved": "2017-01-16T00:00:00",
    "dateUpdated": "2024-08-06T03:14:42.250Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12566
Vulnerability from cvelistv5
Published
2017-08-05 18:00
Modified
2024-08-05 18:43
Severity ?
Summary
In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMVGImage in coders/mvg.c, which allows attackers to cause a denial of service, related to the function ReadSVGImage in svg.c.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:56.036Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/603"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMVGImage in coders/mvg.c, which allows attackers to cause a denial of service, related to the function ReadSVGImage in svg.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-05T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/603"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12566",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMVGImage in coders/mvg.c, which allows attackers to cause a denial of service, related to the function ReadSVGImage in svg.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/603",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/603"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12566",
    "datePublished": "2017-08-05T18:00:00",
    "dateReserved": "2017-08-05T00:00:00",
    "dateUpdated": "2024-08-05T18:43:56.036Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12654
Vulnerability from cvelistv5
Published
2017-08-07 18:00
Modified
2024-08-05 18:43
Severity ?
Summary
The ReadPICTImage function in coders/pict.c in ImageMagick 7.0.6-3 allows attackers to cause a denial of service (memory leak) via a crafted file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:56.536Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/620"
          },
          {
            "name": "100230",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100230"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadPICTImage function in coders/pict.c in ImageMagick 7.0.6-3 allows attackers to cause a denial of service (memory leak) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-10T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/620"
        },
        {
          "name": "100230",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100230"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12654",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadPICTImage function in coders/pict.c in ImageMagick 7.0.6-3 allows attackers to cause a denial of service (memory leak) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/620",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/620"
            },
            {
              "name": "100230",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100230"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12654",
    "datePublished": "2017-08-07T18:00:00",
    "dateReserved": "2017-08-07T00:00:00",
    "dateUpdated": "2024-08-05T18:43:56.536Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-8356
Vulnerability from cvelistv5
Published
2017-04-30 17:00
Modified
2024-08-05 16:34
Severity ?
Summary
In ImageMagick 7.0.5-5, the ReadSUNImage function in sun.c allows attackers to cause a denial of service (memory leak) via a crafted file.
References
https://github.com/ImageMagick/ImageMagick/issues/449x_refsource_CONFIRM
http://www.debian.org/security/2017/dsa-3863vendor-advisory, x_refsource_DEBIAN
http://www.securityfocus.com/bid/98378vdb-entry, x_refsource_BID
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:34:22.671Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/449"
          },
          {
            "name": "DSA-3863",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3863"
          },
          {
            "name": "98378",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98378"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-04-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-5, the ReadSUNImage function in sun.c allows attackers to cause a denial of service (memory leak) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/449"
        },
        {
          "name": "DSA-3863",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3863"
        },
        {
          "name": "98378",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98378"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-8356",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-5, the ReadSUNImage function in sun.c allows attackers to cause a denial of service (memory leak) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/449",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/449"
            },
            {
              "name": "DSA-3863",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3863"
            },
            {
              "name": "98378",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98378"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-8356",
    "datePublished": "2017-04-30T17:00:00",
    "dateReserved": "2017-04-30T00:00:00",
    "dateUpdated": "2024-08-05T16:34:22.671Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-13304
Vulnerability from cvelistv5
Published
2019-07-05 00:53
Modified
2024-08-04 23:49
Severity ?
Summary
ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:49:24.443Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1614"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/bfa3b9610c83227894c92b0d312ad327fceb6241"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/7689875ef64f34141e7292f6945efdf0530b4a5e"
          },
          {
            "name": "[debian-lts-announce] 20190816 [SECURITY] [DLA 1888-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          },
          {
            "name": "DSA-4715",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4715"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-03T11:06:05",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1614"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/bfa3b9610c83227894c92b0d312ad327fceb6241"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/7689875ef64f34141e7292f6945efdf0530b4a5e"
        },
        {
          "name": "[debian-lts-announce] 20190816 [SECURITY] [DLA 1888-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        },
        {
          "name": "DSA-4715",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4715"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13304",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1614",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1614"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick6/commit/bfa3b9610c83227894c92b0d312ad327fceb6241",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick6/commit/bfa3b9610c83227894c92b0d312ad327fceb6241"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/7689875ef64f34141e7292f6945efdf0530b4a5e",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/7689875ef64f34141e7292f6945efdf0530b4a5e"
            },
            {
              "name": "[debian-lts-announce] 20190816 [SECURITY] [DLA 1888-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            },
            {
              "name": "DSA-4715",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4715"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13304",
    "datePublished": "2019-07-05T00:53:10",
    "dateReserved": "2019-07-04T00:00:00",
    "dateUpdated": "2024-08-04T23:49:24.443Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27757
Vulnerability from cvelistv5
Published
2020-12-08 00:00
Modified
2024-08-04 16:18
Severity ?
Summary
A floating point math calculation in ScaleAnyToQuantum() of /MagickCore/quantum-private.h could lead to undefined behavior in the form of a value outside the range of type unsigned long long. The flaw could be triggered by a crafted input file under certain conditions when it is processed by ImageMagick. Red Hat Product Security marked this as Low because although it could potentially lead to an impact to application availability, no specific impact was shown in this case. This flaw affects ImageMagick versions prior to 7.0.8-68.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.665Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894234"
          },
          {
            "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "prior to 7.0.8-68"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A floating point math calculation in ScaleAnyToQuantum() of /MagickCore/quantum-private.h could lead to undefined behavior in the form of a value outside the range of type unsigned long long. The flaw could be triggered by a crafted input file under certain conditions when it is processed by ImageMagick. Red Hat Product Security marked this as Low because although it could potentially lead to an impact to application availability, no specific impact was shown in this case. This flaw affects ImageMagick versions prior to 7.0.8-68."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894234"
        },
        {
          "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27757",
    "datePublished": "2020-12-08T00:00:00",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.665Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-34474
Vulnerability from cvelistv5
Published
2023-06-16 00:00
Modified
2024-08-02 16:10
Severity ?
Summary
A heap-based buffer overflow issue was discovered in ImageMagick's ReadTIM2ImageData() function in coders/tim2.c. A local attacker could trick the user in opening specially crafted file, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-34474",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-12T19:42:10.758164Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-12T19:42:24.171Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T16:10:07.299Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/1061db7f80fdc9ef572ac60b55f408f7bab6e1b0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2214148"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-34474"
          },
          {
            "name": "FEDORA-2023-27548af422",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/"
          },
          {
            "name": "FEDORA-2023-edbdccae2a",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "7.1.1-10"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A heap-based buffer overflow issue was discovered in ImageMagick\u0027s ReadTIM2ImageData() function in coders/tim2.c. A local attacker could trick the user in opening specially crafted file, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122 - Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-12T18:55:56.633Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://github.com/ImageMagick/ImageMagick/commit/1061db7f80fdc9ef572ac60b55f408f7bab6e1b0"
        },
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2214148"
        },
        {
          "url": "https://access.redhat.com/security/cve/CVE-2023-34474"
        },
        {
          "name": "FEDORA-2023-27548af422",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/"
        },
        {
          "name": "FEDORA-2023-edbdccae2a",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-34474",
    "datePublished": "2023-06-16T00:00:00",
    "dateReserved": "2023-06-07T00:00:00",
    "dateUpdated": "2024-08-02T16:10:07.299Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-1096
Vulnerability from cvelistv5
Published
2008-03-05 20:00
Modified
2024-08-07 08:08
Severity ?
Summary
The load_tile function in the XCF coder in coders/xcf.c in (1) ImageMagick 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .xcf file that triggers an out-of-bounds heap write, possibly related to the ScaleCharToQuantum function.
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/41194vdb-entry, x_refsource_XF
http://secunia.com/advisories/32945third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2008-0145.htmlvendor-advisory, x_refsource_REDHAT
http://www.securityfocus.com/bid/28821vdb-entry, x_refsource_BID
http://osvdb.org/43212vdb-entry, x_refsource_OSVDB
http://secunia.com/advisories/29786third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/30967third-party-advisory, x_refsource_SECUNIA
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414370x_refsource_MISC
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.htmlvendor-advisory, x_refsource_SUSE
http://www.mandriva.com/security/advisories?name=MDVSA-2008:099vendor-advisory, x_refsource_MANDRIVA
http://www.securitytracker.com/id?1019880vdb-entry, x_refsource_SECTRACK
http://www.debian.org/security/2009/dsa-1858vendor-advisory, x_refsource_DEBIAN
https://bugzilla.redhat.com/show_bug.cgi?id=286411x_refsource_MISC
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10843vdb-entry, signature, x_refsource_OVAL
http://www.ubuntu.com/usn/USN-681-1vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/36260third-party-advisory, x_refsource_SECUNIA
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:08:57.621Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "imagemagick-loadtile-code-execution(41194)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41194"
          },
          {
            "name": "32945",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32945"
          },
          {
            "name": "RHSA-2008:0145",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0145.html"
          },
          {
            "name": "28821",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28821"
          },
          {
            "name": "43212",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/43212"
          },
          {
            "name": "29786",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29786"
          },
          {
            "name": "30967",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30967"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414370"
          },
          {
            "name": "SUSE-SR:2008:014",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html"
          },
          {
            "name": "MDVSA-2008:099",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:099"
          },
          {
            "name": "1019880",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019880"
          },
          {
            "name": "DSA-1858",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1858"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=286411"
          },
          {
            "name": "oval:org.mitre.oval:def:10843",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10843"
          },
          {
            "name": "USN-681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-681-1"
          },
          {
            "name": "36260",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36260"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-03-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The load_tile function in the XCF coder in coders/xcf.c in (1) ImageMagick 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .xcf file that triggers an out-of-bounds heap write, possibly related to the ScaleCharToQuantum function."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "imagemagick-loadtile-code-execution(41194)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41194"
        },
        {
          "name": "32945",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32945"
        },
        {
          "name": "RHSA-2008:0145",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0145.html"
        },
        {
          "name": "28821",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28821"
        },
        {
          "name": "43212",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/43212"
        },
        {
          "name": "29786",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29786"
        },
        {
          "name": "30967",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30967"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414370"
        },
        {
          "name": "SUSE-SR:2008:014",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html"
        },
        {
          "name": "MDVSA-2008:099",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:099"
        },
        {
          "name": "1019880",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019880"
        },
        {
          "name": "DSA-1858",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1858"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=286411"
        },
        {
          "name": "oval:org.mitre.oval:def:10843",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10843"
        },
        {
          "name": "USN-681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-681-1"
        },
        {
          "name": "36260",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36260"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-1096",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The load_tile function in the XCF coder in coders/xcf.c in (1) ImageMagick 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .xcf file that triggers an out-of-bounds heap write, possibly related to the ScaleCharToQuantum function."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "imagemagick-loadtile-code-execution(41194)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41194"
            },
            {
              "name": "32945",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/32945"
            },
            {
              "name": "RHSA-2008:0145",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0145.html"
            },
            {
              "name": "28821",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28821"
            },
            {
              "name": "43212",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/43212"
            },
            {
              "name": "29786",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29786"
            },
            {
              "name": "30967",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30967"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414370",
              "refsource": "MISC",
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414370"
            },
            {
              "name": "SUSE-SR:2008:014",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html"
            },
            {
              "name": "MDVSA-2008:099",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:099"
            },
            {
              "name": "1019880",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1019880"
            },
            {
              "name": "DSA-1858",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1858"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=286411",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=286411"
            },
            {
              "name": "oval:org.mitre.oval:def:10843",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10843"
            },
            {
              "name": "USN-681-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-681-1"
            },
            {
              "name": "36260",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36260"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-1096",
    "datePublished": "2008-03-05T20:00:00",
    "dateReserved": "2008-02-28T00:00:00",
    "dateUpdated": "2024-08-07T08:08:57.621Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7523
Vulnerability from cvelistv5
Published
2020-02-06 13:37
Modified
2024-08-06 02:04
Severity ?
Summary
coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
Impacted products
ImageMagickImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:04:54.748Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537420"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378754"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/94"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "ImageMagick",
          "versions": [
            {
              "status": "affected",
              "version": "before 7.0.1-0"
            }
          ]
        }
      ],
      "datePublic": "2016-01-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Buffer Overflow",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-06T13:37:33",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537420"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378754"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/94"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-7523",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ImageMagick",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "before 7.0.1-0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "ImageMagick"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Buffer Overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.openwall.com/lists/oss-security/2016/09/22/2",
              "refsource": "MISC",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537420",
              "refsource": "MISC",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537420"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378754",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378754"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/94",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/94"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-7523",
    "datePublished": "2020-02-06T13:37:33",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T02:04:54.748Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14248
Vulnerability from cvelistv5
Published
2017-09-11 09:00
Modified
2024-08-05 19:20
Severity ?
Summary
A heap-based buffer over-read in SampleImage() in MagickCore/resize.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service via a crafted file.
References
https://github.com/ImageMagick/ImageMagick/issues/717x_refsource_CONFIRM
https://security.gentoo.org/glsa/201711-07vendor-advisory, x_refsource_GENTOO
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:20:41.295Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/717"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A heap-based buffer over-read in SampleImage() in MagickCore/resize.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-12T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/717"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14248",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A heap-based buffer over-read in SampleImage() in MagickCore/resize.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/717",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/717"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14248",
    "datePublished": "2017-09-11T09:00:00",
    "dateReserved": "2017-09-10T00:00:00",
    "dateUpdated": "2024-08-05T19:20:41.295Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11523
Vulnerability from cvelistv5
Published
2017-07-22 21:00
Modified
2024-08-05 18:12
Severity ?
Summary
The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop) via a crafted file, because the end-of-file condition is not considered.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:40.227Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/83e0f8ffd7eeb7661b0ff83257da23d24ca7f078"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/869210"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/591"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/a8f9c2aabed37cd6a728532d1aed13ae0f3dfd78"
          },
          {
            "name": "DSA-4019",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4019"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop) via a crafted file, because the end-of-file condition is not considered."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-14T12:06:08",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/83e0f8ffd7eeb7661b0ff83257da23d24ca7f078"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/869210"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/591"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/a8f9c2aabed37cd6a728532d1aed13ae0f3dfd78"
        },
        {
          "name": "DSA-4019",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4019"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11523",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop) via a crafted file, because the end-of-file condition is not considered."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/83e0f8ffd7eeb7661b0ff83257da23d24ca7f078",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/83e0f8ffd7eeb7661b0ff83257da23d24ca7f078"
            },
            {
              "name": "https://bugs.debian.org/869210",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/869210"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/591",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/591"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/a8f9c2aabed37cd6a728532d1aed13ae0f3dfd78",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/a8f9c2aabed37cd6a728532d1aed13ae0f3dfd78"
            },
            {
              "name": "DSA-4019",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4019"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11523",
    "datePublished": "2017-07-22T21:00:00",
    "dateReserved": "2017-07-22T00:00:00",
    "dateUpdated": "2024-08-05T18:12:40.227Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-9143
Vulnerability from cvelistv5
Published
2017-05-22 14:00
Modified
2024-08-05 16:55
Severity ?
Summary
In ImageMagick 7.0.5-5, the ReadARTImage function in coders/art.c allows attackers to cause a denial of service (memory leak) via a crafted .art file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:55:22.251Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/456"
          },
          {
            "name": "98682",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98682"
          },
          {
            "name": "DSA-3863",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3863"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/3b0fe05cddd8910f84e51b4d50099702ea45ba4a"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-05-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-5, the ReadARTImage function in coders/art.c allows attackers to cause a denial of service (memory leak) via a crafted .art file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-06T20:52:42",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/456"
        },
        {
          "name": "98682",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98682"
        },
        {
          "name": "DSA-3863",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3863"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/3b0fe05cddd8910f84e51b4d50099702ea45ba4a"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-9143",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-5, the ReadARTImage function in coders/art.c allows attackers to cause a denial of service (memory leak) via a crafted .art file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/456",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/456"
            },
            {
              "name": "98682",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98682"
            },
            {
              "name": "DSA-3863",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3863"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/3b0fe05cddd8910f84e51b4d50099702ea45ba4a",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/3b0fe05cddd8910f84e51b4d50099702ea45ba4a"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-9143",
    "datePublished": "2017-05-22T14:00:00",
    "dateReserved": "2017-05-22T00:00:00",
    "dateUpdated": "2024-08-05T16:55:22.251Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-2719
Vulnerability from cvelistv5
Published
2022-08-09 20:18
Modified
2024-08-03 00:46
Severity ?
Summary
In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was made in MagickWand/operation.c, due to a NULL image list. This could potentially cause a denial of service. This was fixed in upstream ImageMagick version 7.1.0-30.
References
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:46:03.782Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116537"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick versions before 7.1.0-30"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was made in MagickWand/operation.c, due to a NULL image list. This could potentially cause a denial of service. This was fixed in upstream ImageMagick version 7.1.0-30."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-617",
              "description": "CWE-617",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-09T20:18:08",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116537"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2022-2719",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ImageMagick",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "ImageMagick versions before 7.1.0-30"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was made in MagickWand/operation.c, due to a NULL image list. This could potentially cause a denial of service. This was fixed in upstream ImageMagick version 7.1.0-30."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-617"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2116537",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116537"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2022-2719",
    "datePublished": "2022-08-09T20:18:08",
    "dateReserved": "2022-08-08T00:00:00",
    "dateUpdated": "2024-08-03T00:46:03.782Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-13306
Vulnerability from cvelistv5
Published
2019-07-05 00:53
Modified
2024-08-04 23:49
Severity ?
Summary
ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:49:24.575Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1612"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick6/commit/cb5ec7d98195aa74d5ed299b38eff2a68122f3fa"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/e92040ea6ee2a844ebfd2344174076795a4787bd"
          },
          {
            "name": "[debian-lts-announce] 20190816 [SECURITY] [DLA 1888-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "DSA-4715",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4715"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-03T11:06:06",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1612"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick6/commit/cb5ec7d98195aa74d5ed299b38eff2a68122f3fa"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/e92040ea6ee2a844ebfd2344174076795a4787bd"
        },
        {
          "name": "[debian-lts-announce] 20190816 [SECURITY] [DLA 1888-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "DSA-4715",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4715"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13306",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1612",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1612"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick6/commit/cb5ec7d98195aa74d5ed299b38eff2a68122f3fa",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick6/commit/cb5ec7d98195aa74d5ed299b38eff2a68122f3fa"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/e92040ea6ee2a844ebfd2344174076795a4787bd",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/e92040ea6ee2a844ebfd2344174076795a4787bd"
            },
            {
              "name": "[debian-lts-announce] 20190816 [SECURITY] [DLA 1888-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "DSA-4715",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4715"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13306",
    "datePublished": "2019-07-05T00:53:29",
    "dateReserved": "2019-07-04T00:00:00",
    "dateUpdated": "2024-08-04T23:49:24.575Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-7942
Vulnerability from cvelistv5
Published
2017-04-18 19:00
Modified
2024-08-05 16:19
Severity ?
Summary
The ReadAVSImage function in avs.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:19:29.353Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/429"
          },
          {
            "name": "97946",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/97946"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-04-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadAVSImage function in avs.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-21T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/429"
        },
        {
          "name": "97946",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/97946"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-7942",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadAVSImage function in avs.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/429",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/429"
            },
            {
              "name": "97946",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/97946"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-7942",
    "datePublished": "2017-04-18T19:00:00",
    "dateReserved": "2017-04-18T00:00:00",
    "dateUpdated": "2024-08-05T16:19:29.353Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0981
Vulnerability from cvelistv5
Published
2004-11-19 05:00
Modified
2024-08-08 00:39
Severity ?
Summary
Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file.
References
http://www.securityfocus.org/bid/11548vdb-entry, x_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/17903vdb-entry, x_refsource_XF
http://secunia.com/advisories/12995/third-party-advisory, x_refsource_SECUNIA
https://www.ubuntu.com/usn/usn-7-1/vendor-advisory, x_refsource_UBUNTU
http://security.gentoo.org/glsa/glsa-200411-11.xmlvendor-advisory, x_refsource_GENTOO
http://www.imagemagick.org/www/Changelog.htmlx_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10472vdb-entry, signature, x_refsource_OVAL
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:39:00.397Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "11548",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.org/bid/11548"
          },
          {
            "name": "imagemagick-exif-image-bo(17903)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17903"
          },
          {
            "name": "12995",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/12995/"
          },
          {
            "name": "USN-7-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://www.ubuntu.com/usn/usn-7-1/"
          },
          {
            "name": "GLSA-200411-11",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200411-11.xml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/www/Changelog.html"
          },
          {
            "name": "oval:org.mitre.oval:def:10472",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10472"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-10-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "11548",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.org/bid/11548"
        },
        {
          "name": "imagemagick-exif-image-bo(17903)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17903"
        },
        {
          "name": "12995",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/12995/"
        },
        {
          "name": "USN-7-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://www.ubuntu.com/usn/usn-7-1/"
        },
        {
          "name": "GLSA-200411-11",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200411-11.xml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.imagemagick.org/www/Changelog.html"
        },
        {
          "name": "oval:org.mitre.oval:def:10472",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10472"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0981",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "11548",
              "refsource": "BID",
              "url": "http://www.securityfocus.org/bid/11548"
            },
            {
              "name": "imagemagick-exif-image-bo(17903)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17903"
            },
            {
              "name": "12995",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/12995/"
            },
            {
              "name": "USN-7-1",
              "refsource": "UBUNTU",
              "url": "https://www.ubuntu.com/usn/usn-7-1/"
            },
            {
              "name": "GLSA-200411-11",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200411-11.xml"
            },
            {
              "name": "http://www.imagemagick.org/www/Changelog.html",
              "refsource": "CONFIRM",
              "url": "http://www.imagemagick.org/www/Changelog.html"
            },
            {
              "name": "oval:org.mitre.oval:def:10472",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10472"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0981",
    "datePublished": "2004-11-19T05:00:00",
    "dateReserved": "2004-10-24T00:00:00",
    "dateUpdated": "2024-08-08T00:39:00.397Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-16328
Vulnerability from cvelistv5
Published
2018-09-01 22:00
Modified
2024-09-16 17:28
Severity ?
Summary
In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T10:17:38.525Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1224"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-09-01T22:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1224"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-16328",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1224",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1224"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-16328",
    "datePublished": "2018-09-01T22:00:00Z",
    "dateReserved": "2018-09-01T00:00:00Z",
    "dateUpdated": "2024-09-16T17:28:05.592Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14607
Vulnerability from cvelistv5
Published
2017-09-20 17:00
Modified
2024-08-05 19:34
Severity ?
Summary
In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage has been reported in coders/tiff.c. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash.
References
https://www.debian.org/security/2017/dsa-4040vendor-advisory, x_refsource_DEBIAN
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://www.debian.org/security/2017/dsa-4032vendor-advisory, x_refsource_DEBIAN
https://github.com/ImageMagick/ImageMagick/issues/765x_refsource_CONFIRM
http://www.securityfocus.com/bid/100944vdb-entry, x_refsource_BID
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:34:39.426Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-4040",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4040"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "DSA-4032",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4032"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/765"
          },
          {
            "name": "100944",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100944"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage has been reported in coders/tiff.c. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-4040",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4040"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "DSA-4032",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4032"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/765"
        },
        {
          "name": "100944",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100944"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14607",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage has been reported in coders/tiff.c. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-4040",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4040"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "DSA-4032",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4032"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/765",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/765"
            },
            {
              "name": "100944",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100944"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14607",
    "datePublished": "2017-09-20T17:00:00",
    "dateReserved": "2017-09-20T00:00:00",
    "dateUpdated": "2024-08-05T19:34:39.426Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11527
Vulnerability from cvelistv5
Published
2017-07-23 03:00
Modified
2024-08-05 18:12
Severity ?
Summary
The ReadDPXImage function in coders/dpx.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:40.277Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/523"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867812"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadDPXImage function in coders/dpx.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-23T02:57:06",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/523"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867812"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11527",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadDPXImage function in coders/dpx.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/523",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/523"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867812",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867812"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11527",
    "datePublished": "2017-07-23T03:00:00",
    "dateReserved": "2017-07-22T00:00:00",
    "dateUpdated": "2024-08-05T18:12:40.277Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-14434
Vulnerability from cvelistv5
Published
2018-07-20 00:00
Modified
2024-08-05 09:29
Severity ?
Summary
ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c.
References
https://usn.ubuntu.com/3785-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/1192x_refsource_MISC
https://usn.ubuntu.com/4034-1/vendor-advisory, x_refsource_UBUNTU
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:29:51.016Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3785-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3785-1/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1192"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-07-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-06-25T14:06:13",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3785-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3785-1/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1192"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-14434",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3785-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3785-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1192",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1192"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-14434",
    "datePublished": "2018-07-20T00:00:00",
    "dateReserved": "2018-07-19T00:00:00",
    "dateUpdated": "2024-08-05T09:29:51.016Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-13133
Vulnerability from cvelistv5
Published
2019-07-01 19:27
Modified
2024-08-04 23:41
Severity ?
Summary
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:41:10.524Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1600"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/fe3066122ef72c82415811d25e9e3fad622c0a99"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-21T14:06:16",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1600"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/fe3066122ef72c82415811d25e9e3fad622c0a99"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13133",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1600",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1600"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/fe3066122ef72c82415811d25e9e3fad622c0a99",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/fe3066122ef72c82415811d25e9e3fad622c0a99"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13133",
    "datePublished": "2019-07-01T19:27:14",
    "dateReserved": "2019-07-01T00:00:00",
    "dateUpdated": "2024-08-04T23:41:10.524Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-48541
Vulnerability from cvelistv5
Published
2023-08-22 00:00
Modified
2024-08-03 15:17
Severity ?
Summary
A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote attackers to perform a denial of service via the "identify -help" command.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T15:17:55.146Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/2889"
          },
          {
            "name": "FEDORA-2024-6f8c1d9005",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LICYTADFJAFPZW3Y2MKNCJIUYODPAG4L/"
          },
          {
            "name": "FEDORA-2024-d23b0f5e76",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YAULDP3GG5KI3XITQ5XSMRSILCBZS2VK/"
          },
          {
            "name": "[debian-lts-announce] 20240320 [SECURITY] [DLA 3767-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote attackers to perform a denial of service via the \"identify -help\" command."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-20T10:05:57.934695",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/ImageMagick/ImageMagick/issues/2889"
        },
        {
          "name": "FEDORA-2024-6f8c1d9005",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LICYTADFJAFPZW3Y2MKNCJIUYODPAG4L/"
        },
        {
          "name": "FEDORA-2024-d23b0f5e76",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YAULDP3GG5KI3XITQ5XSMRSILCBZS2VK/"
        },
        {
          "name": "[debian-lts-announce] 20240320 [SECURITY] [DLA 3767-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00020.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-48541",
    "datePublished": "2023-08-22T00:00:00",
    "dateReserved": "2023-07-23T00:00:00",
    "dateUpdated": "2024-08-03T15:17:55.146Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-20241
Vulnerability from cvelistv5
Published
2021-03-09 00:00
Modified
2024-08-03 17:37
Severity ?
Summary
A flaw was found in ImageMagick in coders/jp2.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:37:22.963Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928952"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/pull/3177"
          },
          {
            "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
          },
          {
            "name": "[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 6.9.11-62, ImageMagick 7.0.10-62"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in ImageMagick in coders/jp2.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-369",
              "description": "CWE-369",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-22T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928952"
        },
        {
          "url": "https://github.com/ImageMagick/ImageMagick/pull/3177"
        },
        {
          "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
        },
        {
          "name": "[debian-lts-announce] 20230521 [SECURITY] [DLA 3429-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2021-20241",
    "datePublished": "2021-03-09T00:00:00",
    "dateReserved": "2020-12-17T00:00:00",
    "dateUpdated": "2024-08-03T17:37:22.963Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14324
Vulnerability from cvelistv5
Published
2017-09-12 08:00
Modified
2024-08-05 19:20
Severity ?
Summary
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service via a crafted file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:20:41.402Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "100863",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100863"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/739"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-19T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "100863",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100863"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/739"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14324",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "100863",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100863"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/739",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/739"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14324",
    "datePublished": "2017-09-12T08:00:00",
    "dateReserved": "2017-09-12T00:00:00",
    "dateUpdated": "2024-08-05T19:20:41.402Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27772
Vulnerability from cvelistv5
Published
2020-12-04 00:00
Modified
2024-08-04 16:18
Severity ?
Summary
A flaw was found in ImageMagick in coders/bmp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned int`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.683Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898291"
          },
          {
            "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 7.0.9-0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in ImageMagick in coders/bmp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned int`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898291"
        },
        {
          "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27772",
    "datePublished": "2020-12-04T00:00:00",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.683Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12587
Vulnerability from cvelistv5
Published
2017-08-06 14:00
Modified
2024-08-05 18:43
Severity ?
Summary
ImageMagick 7.0.6-1 has a large loop vulnerability in the ReadPWPImage function in coders\pwp.c.
References
https://github.com/ImageMagick/ImageMagick/issues/535x_refsource_CONFIRM
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://www.debian.org/security/2017/dsa-4019vendor-advisory, x_refsource_DEBIAN
https://lists.debian.org/debian-lts-announce/2019/05/msg00015.htmlmailing-list, x_refsource_MLIST
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:56.087Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/535"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "DSA-4019",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4019"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.6-1 has a large loop vulnerability in the ReadPWPImage function in coders\\pwp.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-14T12:06:04",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/535"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "DSA-4019",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4019"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12587",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.6-1 has a large loop vulnerability in the ReadPWPImage function in coders\\pwp.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/535",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/535"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "DSA-4019",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4019"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12587",
    "datePublished": "2017-08-06T14:00:00",
    "dateReserved": "2017-08-06T00:00:00",
    "dateUpdated": "2024-08-05T18:43:56.087Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-10146
Vulnerability from cvelistv5
Published
2017-03-24 15:00
Modified
2024-08-06 03:14
Severity ?
Summary
Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:14:41.312Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2017/01/16/6"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851380"
          },
          {
            "name": "GLSA-201702-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201702-09"
          },
          {
            "name": "95744",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95744"
          },
          {
            "name": "DSA-3799",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3799"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/aeff00de228bc5a158c2a975ab47845d8a1db456"
          },
          {
            "name": "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2017/01/17/5"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-01-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2017/01/16/6"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851380"
        },
        {
          "name": "GLSA-201702-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201702-09"
        },
        {
          "name": "95744",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95744"
        },
        {
          "name": "DSA-3799",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3799"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/aeff00de228bc5a158c2a975ab47845d8a1db456"
        },
        {
          "name": "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2017/01/17/5"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-10146",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2017/01/16/6"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851380",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851380"
            },
            {
              "name": "GLSA-201702-09",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201702-09"
            },
            {
              "name": "95744",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95744"
            },
            {
              "name": "DSA-3799",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3799"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/aeff00de228bc5a158c2a975ab47845d8a1db456",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/aeff00de228bc5a158c2a975ab47845d8a1db456"
            },
            {
              "name": "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2017/01/17/5"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-10146",
    "datePublished": "2017-03-24T15:00:00",
    "dateReserved": "2017-01-16T00:00:00",
    "dateUpdated": "2024-08-06T03:14:41.312Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-44268
Vulnerability from cvelistv5
Published
2023-02-06 00:00
Modified
2024-08-03 13:47
Severity ?
Summary
ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary has permissions to read it).
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T13:47:05.783Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://imagemagick.org/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.metabaseq.com/imagemagick-zero-days/"
          },
          {
            "name": "DSA-5347",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5347"
          },
          {
            "name": "FEDORA-2023-6537113d6d",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZZLLS37P67CMBRML6OCG42GPCKGRCJNV/"
          },
          {
            "name": "FEDORA-2023-93389b8a9e",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AINSUL2QBKETGYRPA7XSCMJWLUB44M6S/"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/171727/ImageMagick-7.1.0-48-Arbitrary-File-Read.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary has permissions to read it)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-06T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://imagemagick.org/"
        },
        {
          "url": "https://www.metabaseq.com/imagemagick-zero-days/"
        },
        {
          "name": "DSA-5347",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5347"
        },
        {
          "name": "FEDORA-2023-6537113d6d",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZZLLS37P67CMBRML6OCG42GPCKGRCJNV/"
        },
        {
          "name": "FEDORA-2023-93389b8a9e",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AINSUL2QBKETGYRPA7XSCMJWLUB44M6S/"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        },
        {
          "url": "http://packetstormsecurity.com/files/171727/ImageMagick-7.1.0-48-Arbitrary-File-Read.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-44268",
    "datePublished": "2023-02-06T00:00:00",
    "dateReserved": "2022-10-30T00:00:00",
    "dateUpdated": "2024-08-03T13:47:05.783Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11535
Vulnerability from cvelistv5
Published
2017-07-23 03:00
Modified
2024-08-05 18:12
Severity ?
Summary
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WritePSImage() function in coders/ps.c.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://www.debian.org/security/2017/dsa-4019vendor-advisory, x_refsource_DEBIAN
https://github.com/ImageMagick/ImageMagick/issues/561x_refsource_CONFIRM
https://www.debian.org/security/2018/dsa-4204vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:40.222Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "DSA-4019",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4019"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/561"
          },
          {
            "name": "DSA-4204",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4204"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WritePSImage() function in coders/ps.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "DSA-4019",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4019"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/561"
        },
        {
          "name": "DSA-4204",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4204"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11535",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WritePSImage() function in coders/ps.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "DSA-4019",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4019"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/561",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/561"
            },
            {
              "name": "DSA-4204",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4204"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11535",
    "datePublished": "2017-07-23T03:00:00",
    "dateReserved": "2017-07-22T00:00:00",
    "dateUpdated": "2024-08-05T18:12:40.222Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-12600
Vulnerability from cvelistv5
Published
2018-06-20 18:00
Modified
2024-08-05 08:38
Severity ?
Summary
In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file.
References
https://lists.debian.org/debian-lts-announce/2018/06/msg00004.htmlmailing-list, x_refsource_MLIST
https://usn.ubuntu.com/3711-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/1178x_refsource_CONFIRM
https://www.debian.org/security/2018/dsa-4245vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:38:06.327Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[debian-lts-announce] 20180626 [SECURITY] [DLA 1394-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00004.html"
          },
          {
            "name": "USN-3711-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3711-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1178"
          },
          {
            "name": "DSA-4245",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4245"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-06-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-07-27T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[debian-lts-announce] 20180626 [SECURITY] [DLA 1394-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00004.html"
        },
        {
          "name": "USN-3711-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3711-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1178"
        },
        {
          "name": "DSA-4245",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4245"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-12600",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[debian-lts-announce] 20180626 [SECURITY] [DLA 1394-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00004.html"
            },
            {
              "name": "USN-3711-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3711-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1178",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1178"
            },
            {
              "name": "DSA-4245",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4245"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-12600",
    "datePublished": "2018-06-20T18:00:00",
    "dateReserved": "2018-06-20T00:00:00",
    "dateUpdated": "2024-08-05T08:38:06.327Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-4988
Vulnerability from cvelistv5
Published
2007-09-24 22:00
Modified
2024-08-07 15:17
Severity ?
Summary
Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow.
References
http://secunia.com/advisories/27364third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2008-0145.htmlvendor-advisory, x_refsource_REDHAT
http://www.securityfocus.com/archive/1/483572/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://www.ubuntu.com/usn/usn-523-1vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/27309third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/29786third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/25765vdb-entry, x_refsource_BID
http://www.imagemagick.org/script/changelog.phpx_refsource_CONFIRM
http://www.vupen.com/english/advisories/2007/3245vdb-entry, x_refsource_VUPEN
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=597third-party-advisory, x_refsource_IDEFENSE
http://security.gentoo.org/glsa/glsa-200710-27.xmlvendor-advisory, x_refsource_GENTOO
http://www.securitytracker.com/id?1018729vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/27048third-party-advisory, x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/36737vdb-entry, x_refsource_XF
http://secunia.com/advisories/28721third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27439third-party-advisory, x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-1743x_refsource_CONFIRM
http://www.debian.org/security/2009/dsa-1858vendor-advisory, x_refsource_DEBIAN
http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.htmlmailing-list, x_refsource_MLIST
http://secunia.com/advisories/26926third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035vendor-advisory, x_refsource_MANDRIVA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9656vdb-entry, signature, x_refsource_OVAL
http://bugs.gentoo.org/show_bug.cgi?id=186030x_refsource_CONFIRM
http://www.novell.com/linux/security/advisories/2007_23_sr.htmlvendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/36260third-party-advisory, x_refsource_SECUNIA
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:17:27.869Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "27364",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27364"
          },
          {
            "name": "RHSA-2008:0145",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0145.html"
          },
          {
            "name": "20071112 FLEA-2007-0066-1 ImageMagick",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/483572/100/0/threaded"
          },
          {
            "name": "USN-523-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-523-1"
          },
          {
            "name": "27309",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27309"
          },
          {
            "name": "29786",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29786"
          },
          {
            "name": "25765",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/25765"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/script/changelog.php"
          },
          {
            "name": "ADV-2007-3245",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3245"
          },
          {
            "name": "20070919 Multiple Vendor ImageMagick Sign Extension Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=597"
          },
          {
            "name": "GLSA-200710-27",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200710-27.xml"
          },
          {
            "name": "1018729",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018729"
          },
          {
            "name": "27048",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27048"
          },
          {
            "name": "imagemagick-readdibimage-bo(36737)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36737"
          },
          {
            "name": "28721",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28721"
          },
          {
            "name": "27439",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27439"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1743"
          },
          {
            "name": "DSA-1858",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1858"
          },
          {
            "name": "[Magick-announce] 20070917 ImageMagick 6.3.5-9, important security updates",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html"
          },
          {
            "name": "26926",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26926"
          },
          {
            "name": "MDVSA-2008:035",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035"
          },
          {
            "name": "oval:org.mitre.oval:def:9656",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9656"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=186030"
          },
          {
            "name": "SUSE-SR:2007:023",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_23_sr.html"
          },
          {
            "name": "36260",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36260"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-09-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "27364",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27364"
        },
        {
          "name": "RHSA-2008:0145",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0145.html"
        },
        {
          "name": "20071112 FLEA-2007-0066-1 ImageMagick",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/483572/100/0/threaded"
        },
        {
          "name": "USN-523-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-523-1"
        },
        {
          "name": "27309",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27309"
        },
        {
          "name": "29786",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29786"
        },
        {
          "name": "25765",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/25765"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.imagemagick.org/script/changelog.php"
        },
        {
          "name": "ADV-2007-3245",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3245"
        },
        {
          "name": "20070919 Multiple Vendor ImageMagick Sign Extension Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=597"
        },
        {
          "name": "GLSA-200710-27",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200710-27.xml"
        },
        {
          "name": "1018729",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018729"
        },
        {
          "name": "27048",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27048"
        },
        {
          "name": "imagemagick-readdibimage-bo(36737)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36737"
        },
        {
          "name": "28721",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28721"
        },
        {
          "name": "27439",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27439"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1743"
        },
        {
          "name": "DSA-1858",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1858"
        },
        {
          "name": "[Magick-announce] 20070917 ImageMagick 6.3.5-9, important security updates",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html"
        },
        {
          "name": "26926",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26926"
        },
        {
          "name": "MDVSA-2008:035",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035"
        },
        {
          "name": "oval:org.mitre.oval:def:9656",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9656"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=186030"
        },
        {
          "name": "SUSE-SR:2007:023",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_23_sr.html"
        },
        {
          "name": "36260",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36260"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-4988",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "27364",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27364"
            },
            {
              "name": "RHSA-2008:0145",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0145.html"
            },
            {
              "name": "20071112 FLEA-2007-0066-1 ImageMagick",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/483572/100/0/threaded"
            },
            {
              "name": "USN-523-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-523-1"
            },
            {
              "name": "27309",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27309"
            },
            {
              "name": "29786",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29786"
            },
            {
              "name": "25765",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/25765"
            },
            {
              "name": "http://www.imagemagick.org/script/changelog.php",
              "refsource": "CONFIRM",
              "url": "http://www.imagemagick.org/script/changelog.php"
            },
            {
              "name": "ADV-2007-3245",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3245"
            },
            {
              "name": "20070919 Multiple Vendor ImageMagick Sign Extension Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=597"
            },
            {
              "name": "GLSA-200710-27",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200710-27.xml"
            },
            {
              "name": "1018729",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018729"
            },
            {
              "name": "27048",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27048"
            },
            {
              "name": "imagemagick-readdibimage-bo(36737)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36737"
            },
            {
              "name": "28721",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28721"
            },
            {
              "name": "27439",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27439"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1743",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1743"
            },
            {
              "name": "DSA-1858",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1858"
            },
            {
              "name": "[Magick-announce] 20070917 ImageMagick 6.3.5-9, important security updates",
              "refsource": "MLIST",
              "url": "http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html"
            },
            {
              "name": "26926",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26926"
            },
            {
              "name": "MDVSA-2008:035",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035"
            },
            {
              "name": "oval:org.mitre.oval:def:9656",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9656"
            },
            {
              "name": "http://bugs.gentoo.org/show_bug.cgi?id=186030",
              "refsource": "CONFIRM",
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=186030"
            },
            {
              "name": "SUSE-SR:2007:023",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_23_sr.html"
            },
            {
              "name": "36260",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36260"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-4988",
    "datePublished": "2007-09-24T22:00:00",
    "dateReserved": "2007-09-19T00:00:00",
    "dateUpdated": "2024-08-07T15:17:27.869Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-4219
Vulnerability from cvelistv5
Published
2022-03-23 19:46
Modified
2024-08-03 17:16
Severity ?
Summary
A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions and leads to a denial of service. This flaw allows an attacker to crash the system.
References
Impacted products
n/aimagemagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:16:04.364Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2054611"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "imagemagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "imagemagick 6.9.12-34, imagemagick 7.1.0-19"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions and leads to a denial of service. This flaw allows an attacker to crash the system."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-03-25T18:03:06",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2054611"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2021-4219",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "imagemagick",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "imagemagick 6.9.12-34, imagemagick 7.1.0-19"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions and leads to a denial of service. This flaw allows an attacker to crash the system."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2054611",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2054611"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2021-4219",
    "datePublished": "2022-03-23T19:46:17",
    "dateReserved": "2022-02-15T00:00:00",
    "dateUpdated": "2024-08-03T17:16:04.364Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-8346
Vulnerability from cvelistv5
Published
2017-04-30 17:00
Modified
2024-08-05 16:34
Severity ?
Summary
In ImageMagick 7.0.5-5, the ReadDCMImage function in dcm.c allows attackers to cause a denial of service (memory leak) via a crafted file.
References
https://github.com/ImageMagick/ImageMagick/issues/440x_refsource_CONFIRM
http://www.securityfocus.com/bid/98346vdb-entry, x_refsource_BID
http://www.debian.org/security/2017/dsa-3863vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:34:22.384Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/440"
          },
          {
            "name": "98346",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98346"
          },
          {
            "name": "DSA-3863",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3863"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-04-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-5, the ReadDCMImage function in dcm.c allows attackers to cause a denial of service (memory leak) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/440"
        },
        {
          "name": "98346",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98346"
        },
        {
          "name": "DSA-3863",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3863"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-8346",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-5, the ReadDCMImage function in dcm.c allows attackers to cause a denial of service (memory leak) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/440",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/440"
            },
            {
              "name": "98346",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98346"
            },
            {
              "name": "DSA-3863",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3863"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-8346",
    "datePublished": "2017-04-30T17:00:00",
    "dateReserved": "2017-04-30T00:00:00",
    "dateUpdated": "2024-08-05T16:34:22.384Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12432
Vulnerability from cvelistv5
Published
2017-08-04 10:00
Modified
2024-08-05 18:36
Severity ?
Summary
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadPCXImage in coders/pcx.c, which allows attackers to cause a denial of service.
References
https://github.com/ImageMagick/ImageMagick/issues/536x_refsource_CONFIRM
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://www.debian.org/security/2017/dsa-4019vendor-advisory, x_refsource_DEBIAN
https://lists.debian.org/debian-lts-announce/2019/05/msg00015.htmlmailing-list, x_refsource_MLIST
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:36:56.119Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/536"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "DSA-4019",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4019"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadPCXImage in coders/pcx.c, which allows attackers to cause a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-14T12:06:09",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/536"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "DSA-4019",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4019"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12432",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadPCXImage in coders/pcx.c, which allows attackers to cause a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/536",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/536"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "DSA-4019",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4019"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12432",
    "datePublished": "2017-08-04T10:00:00",
    "dateReserved": "2017-08-04T00:00:00",
    "dateUpdated": "2024-08-05T18:36:56.119Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-5511
Vulnerability from cvelistv5
Published
2017-03-24 15:00
Modified
2024-08-05 15:04
Severity ?
Summary
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:04:15.096Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/c8c6a0f123d5e35c173125365c97e2c0fc7eca42"
          },
          {
            "name": "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2017/01/16/6"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851374"
          },
          {
            "name": "GLSA-201702-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201702-09"
          },
          {
            "name": "95746",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95746"
          },
          {
            "name": "DSA-3799",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3799"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/347"
          },
          {
            "name": "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2017/01/17/5"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/7d65a814ac76bd04760072c33e452371692ee790"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-01-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/c8c6a0f123d5e35c173125365c97e2c0fc7eca42"
        },
        {
          "name": "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2017/01/16/6"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851374"
        },
        {
          "name": "GLSA-201702-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201702-09"
        },
        {
          "name": "95746",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95746"
        },
        {
          "name": "DSA-3799",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3799"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/347"
        },
        {
          "name": "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2017/01/17/5"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/7d65a814ac76bd04760072c33e452371692ee790"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2017-5511",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/c8c6a0f123d5e35c173125365c97e2c0fc7eca42",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/c8c6a0f123d5e35c173125365c97e2c0fc7eca42"
            },
            {
              "name": "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2017/01/16/6"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851374",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851374"
            },
            {
              "name": "GLSA-201702-09",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201702-09"
            },
            {
              "name": "95746",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95746"
            },
            {
              "name": "DSA-3799",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3799"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/347",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/347"
            },
            {
              "name": "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2017/01/17/5"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/7d65a814ac76bd04760072c33e452371692ee790",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/7d65a814ac76bd04760072c33e452371692ee790"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2017-5511",
    "datePublished": "2017-03-24T15:00:00",
    "dateReserved": "2017-01-16T00:00:00",
    "dateUpdated": "2024-08-05T15:04:15.096Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12875
Vulnerability from cvelistv5
Published
2017-08-29 15:00
Modified
2024-08-05 18:51
Severity ?
Summary
The WritePixelCachePixels function in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (CPU consumption) via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:51:07.207Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/659"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The WritePixelCachePixels function in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (CPU consumption) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:16",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/659"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12875",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The WritePixelCachePixels function in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (CPU consumption) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/659",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/659"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12875",
    "datePublished": "2017-08-29T15:00:00",
    "dateReserved": "2017-08-15T00:00:00",
    "dateUpdated": "2024-08-05T18:51:07.207Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-13136
Vulnerability from cvelistv5
Published
2019-07-01 19:27
Modified
2024-08-04 23:41
Severity ?
Summary
ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:41:10.492Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1602"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/fe5f4b85e6b1b54d3b4588a77133c06ade46d891"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K03512441?utm_source=f5support\u0026amp%3Butm_medium=RSS"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-11T04:06:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1602"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/fe5f4b85e6b1b54d3b4588a77133c06ade46d891"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K03512441?utm_source=f5support\u0026amp%3Butm_medium=RSS"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13136",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1602",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1602"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/fe5f4b85e6b1b54d3b4588a77133c06ade46d891",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/fe5f4b85e6b1b54d3b4588a77133c06ade46d891"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            },
            {
              "name": "https://support.f5.com/csp/article/K03512441?utm_source=f5support\u0026amp;utm_medium=RSS",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K03512441?utm_source=f5support\u0026amp;utm_medium=RSS"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13136",
    "datePublished": "2019-07-01T19:27:46",
    "dateReserved": "2019-07-01T00:00:00",
    "dateUpdated": "2024-08-04T23:41:10.492Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9823
Vulnerability from cvelistv5
Published
2017-03-30 15:00
Modified
2024-08-06 13:55
Severity ?
Summary
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9819.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.454Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343479"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=09561d37839dbfa04e017eea14811312985095d8"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9819."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-30T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343479"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=09561d37839dbfa04e017eea14811312985095d8"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9823",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9819."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343479",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343479"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=09561d37839dbfa04e017eea14811312985095d8",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=09561d37839dbfa04e017eea14811312985095d8"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "[oss-security] 20141224 Imagemagick fuzzing bug",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9823",
    "datePublished": "2017-03-30T15:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.454Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-5118
Vulnerability from cvelistv5
Published
2016-06-10 15:00
Modified
2024-08-06 00:53
Severity ?
Summary
The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.
References
https://access.redhat.com/errata/RHSA-2016:1237vendor-advisory, x_refsource_REDHAT
http://www.securitytracker.com/id/1035985vdb-entry, x_refsource_SECTRACK
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00021.htmlvendor-advisory, x_refsource_SUSE
http://hg.code.sf.net/p/graphicsmagick/code/rev/ae3928faa858x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00011.htmlvendor-advisory, x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00008.htmlvendor-advisory, x_refsource_SUSE
http://www.securitytracker.com/id/1035984vdb-entry, x_refsource_SECTRACK
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.htmlx_refsource_CONFIRM
http://www.securityfocus.com/bid/90938vdb-entry, x_refsource_BID
http://www.openwall.com/lists/oss-security/2016/05/30/1mailing-list, x_refsource_MLIST
http://www.ubuntu.com/usn/USN-2990-1vendor-advisory, x_refsource_UBUNTU
http://www.debian.org/security/2016/dsa-3591vendor-advisory, x_refsource_DEBIAN
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.397749vendor-advisory, x_refsource_SLACKWARE
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00032.htmlvendor-advisory, x_refsource_SUSE
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.htmlx_refsource_CONFIRM
http://www.debian.org/security/2016/dsa-3746vendor-advisory, x_refsource_DEBIAN
http://www.openwall.com/lists/oss-security/2016/05/29/7mailing-list, x_refsource_MLIST
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00030.htmlvendor-advisory, x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00047.htmlvendor-advisory, x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00009.htmlvendor-advisory, x_refsource_SUSE
http://git.imagemagick.org/repos/ImageMagick/commit/40639d173aa8c76b850d625c630b711fee4dcfb8x_refsource_CONFIRM
http://hg.code.sf.net/p/graphicsmagick/code/file/41876934e762/ChangeLogx_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:53:47.880Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2016:1237",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2016:1237"
          },
          {
            "name": "1035985",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1035985"
          },
          {
            "name": "SUSE-SU-2016:1570",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00021.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://hg.code.sf.net/p/graphicsmagick/code/rev/ae3928faa858"
          },
          {
            "name": "openSUSE-SU-2016:1534",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00011.html"
          },
          {
            "name": "openSUSE-SU-2016:1521",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00008.html"
          },
          {
            "name": "1035984",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1035984"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
          },
          {
            "name": "90938",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/90938"
          },
          {
            "name": "[oss-security] 20160529 Re: CVE Request: GraphicsMagick and ImageMagick popen() shell vulnerability via filename",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/05/30/1"
          },
          {
            "name": "USN-2990-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2990-1"
          },
          {
            "name": "DSA-3591",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3591"
          },
          {
            "name": "SSA:2016-152-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.397749"
          },
          {
            "name": "SUSE-SU-2016:1614",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00032.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
          },
          {
            "name": "DSA-3746",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3746"
          },
          {
            "name": "[oss-security] 20160529 CVE Request: GraphicsMagick and ImageMagick popen() shell vulnerability via filename",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/05/29/7"
          },
          {
            "name": "SUSE-SU-2016:1610",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00030.html"
          },
          {
            "name": "openSUSE-SU-2016:1653",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00047.html"
          },
          {
            "name": "openSUSE-SU-2016:1522",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00009.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.imagemagick.org/repos/ImageMagick/commit/40639d173aa8c76b850d625c630b711fee4dcfb8"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://hg.code.sf.net/p/graphicsmagick/code/file/41876934e762/ChangeLog"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-05-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2016:1237",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2016:1237"
        },
        {
          "name": "1035985",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1035985"
        },
        {
          "name": "SUSE-SU-2016:1570",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00021.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://hg.code.sf.net/p/graphicsmagick/code/rev/ae3928faa858"
        },
        {
          "name": "openSUSE-SU-2016:1534",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00011.html"
        },
        {
          "name": "openSUSE-SU-2016:1521",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00008.html"
        },
        {
          "name": "1035984",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1035984"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
        },
        {
          "name": "90938",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/90938"
        },
        {
          "name": "[oss-security] 20160529 Re: CVE Request: GraphicsMagick and ImageMagick popen() shell vulnerability via filename",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/05/30/1"
        },
        {
          "name": "USN-2990-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2990-1"
        },
        {
          "name": "DSA-3591",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3591"
        },
        {
          "name": "SSA:2016-152-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.397749"
        },
        {
          "name": "SUSE-SU-2016:1614",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00032.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
        },
        {
          "name": "DSA-3746",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3746"
        },
        {
          "name": "[oss-security] 20160529 CVE Request: GraphicsMagick and ImageMagick popen() shell vulnerability via filename",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/05/29/7"
        },
        {
          "name": "SUSE-SU-2016:1610",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00030.html"
        },
        {
          "name": "openSUSE-SU-2016:1653",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00047.html"
        },
        {
          "name": "openSUSE-SU-2016:1522",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00009.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.imagemagick.org/repos/ImageMagick/commit/40639d173aa8c76b850d625c630b711fee4dcfb8"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://hg.code.sf.net/p/graphicsmagick/code/file/41876934e762/ChangeLog"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-5118",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2016:1237",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2016:1237"
            },
            {
              "name": "1035985",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1035985"
            },
            {
              "name": "SUSE-SU-2016:1570",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00021.html"
            },
            {
              "name": "http://hg.code.sf.net/p/graphicsmagick/code/rev/ae3928faa858",
              "refsource": "CONFIRM",
              "url": "http://hg.code.sf.net/p/graphicsmagick/code/rev/ae3928faa858"
            },
            {
              "name": "openSUSE-SU-2016:1534",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00011.html"
            },
            {
              "name": "openSUSE-SU-2016:1521",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00008.html"
            },
            {
              "name": "1035984",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1035984"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
            },
            {
              "name": "90938",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/90938"
            },
            {
              "name": "[oss-security] 20160529 Re: CVE Request: GraphicsMagick and ImageMagick popen() shell vulnerability via filename",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/05/30/1"
            },
            {
              "name": "USN-2990-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2990-1"
            },
            {
              "name": "DSA-3591",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3591"
            },
            {
              "name": "SSA:2016-152-01",
              "refsource": "SLACKWARE",
              "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.397749"
            },
            {
              "name": "SUSE-SU-2016:1614",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00032.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
            },
            {
              "name": "DSA-3746",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3746"
            },
            {
              "name": "[oss-security] 20160529 CVE Request: GraphicsMagick and ImageMagick popen() shell vulnerability via filename",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/05/29/7"
            },
            {
              "name": "SUSE-SU-2016:1610",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00030.html"
            },
            {
              "name": "openSUSE-SU-2016:1653",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00047.html"
            },
            {
              "name": "openSUSE-SU-2016:1522",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00009.html"
            },
            {
              "name": "http://git.imagemagick.org/repos/ImageMagick/commit/40639d173aa8c76b850d625c630b711fee4dcfb8",
              "refsource": "CONFIRM",
              "url": "http://git.imagemagick.org/repos/ImageMagick/commit/40639d173aa8c76b850d625c630b711fee4dcfb8"
            },
            {
              "name": "http://hg.code.sf.net/p/graphicsmagick/code/file/41876934e762/ChangeLog",
              "refsource": "CONFIRM",
              "url": "http://hg.code.sf.net/p/graphicsmagick/code/file/41876934e762/ChangeLog"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-5118",
    "datePublished": "2016-06-10T15:00:00",
    "dateReserved": "2016-05-29T00:00:00",
    "dateUpdated": "2024-08-06T00:53:47.880Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14528
Vulnerability from cvelistv5
Published
2017-09-18 00:00
Modified
2024-08-05 19:27
Severity ?
Summary
The TIFFSetProfiles function in coders/tiff.c in ImageMagick 7.0.6 has incorrect expectations about whether LibTIFF TIFFGetField return values imply that data validation has occurred, which allows remote attackers to cause a denial of service (use-after-free after an invalid call to TIFFSetField, and application crash) via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:27:40.779Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2730"
          },
          {
            "name": "100875",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100875"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=32560"
          },
          {
            "name": "[debian-lts-announce] 20210112 [SECURITY] [DLA 2523-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The TIFFSetProfiles function in coders/tiff.c in ImageMagick 7.0.6 has incorrect expectations about whether LibTIFF TIFFGetField return values imply that data validation has occurred, which allows remote attackers to cause a denial of service (use-after-free after an invalid call to TIFFSetField, and application crash) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-01-12T19:06:20",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2730"
        },
        {
          "name": "100875",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100875"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=32560"
        },
        {
          "name": "[debian-lts-announce] 20210112 [SECURITY] [DLA 2523-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14528",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The TIFFSetProfiles function in coders/tiff.c in ImageMagick 7.0.6 has incorrect expectations about whether LibTIFF TIFFGetField return values imply that data validation has occurred, which allows remote attackers to cause a denial of service (use-after-free after an invalid call to TIFFSetField, and application crash) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://bugzilla.maptools.org/show_bug.cgi?id=2730",
              "refsource": "MISC",
              "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2730"
            },
            {
              "name": "100875",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100875"
            },
            {
              "name": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=32560",
              "refsource": "MISC",
              "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=32560"
            },
            {
              "name": "[debian-lts-announce] 20210112 [SECURITY] [DLA 2523-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14528",
    "datePublished": "2017-09-18T00:00:00",
    "dateReserved": "2017-09-17T00:00:00",
    "dateUpdated": "2024-08-05T19:27:40.779Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-16711
Vulnerability from cvelistv5
Published
2019-09-23 11:45
Modified
2024-08-05 01:17
Severity ?
Summary
ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:17:41.106Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1542"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "openSUSE-SU-2019:2515",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
          },
          {
            "name": "openSUSE-SU-2019:2519",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-01T11:06:20",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1542"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "openSUSE-SU-2019:2515",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
        },
        {
          "name": "openSUSE-SU-2019:2519",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-16711",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1542",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1542"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "openSUSE-SU-2019:2515",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
            },
            {
              "name": "openSUSE-SU-2019:2519",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-16711",
    "datePublished": "2019-09-23T11:45:51",
    "dateReserved": "2019-09-23T00:00:00",
    "dateUpdated": "2024-08-05T01:17:41.106Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-8351
Vulnerability from cvelistv5
Published
2017-04-30 17:00
Modified
2024-08-05 16:34
Severity ?
Summary
In ImageMagick 7.0.5-5, the ReadPCDImage function in pcd.c allows attackers to cause a denial of service (memory leak) via a crafted file.
References
http://www.securityfocus.com/bid/98371vdb-entry, x_refsource_BID
https://github.com/ImageMagick/ImageMagick/issues/448x_refsource_CONFIRM
http://www.debian.org/security/2017/dsa-3863vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:34:22.586Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "98371",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98371"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/448"
          },
          {
            "name": "DSA-3863",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3863"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-04-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-5, the ReadPCDImage function in pcd.c allows attackers to cause a denial of service (memory leak) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "98371",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98371"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/448"
        },
        {
          "name": "DSA-3863",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3863"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-8351",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-5, the ReadPCDImage function in pcd.c allows attackers to cause a denial of service (memory leak) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "98371",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98371"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/448",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/448"
            },
            {
              "name": "DSA-3863",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3863"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-8351",
    "datePublished": "2017-04-30T17:00:00",
    "dateReserved": "2017-04-30T00:00:00",
    "dateUpdated": "2024-08-05T16:34:22.586Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-13058
Vulnerability from cvelistv5
Published
2017-08-22 06:00
Modified
2024-08-05 18:58
Severity ?
Summary
In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allows attackers to cause a denial of service via a crafted file.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://security.gentoo.org/glsa/201711-07vendor-advisory, x_refsource_GENTOO
http://www.securityfocus.com/bid/100468vdb-entry, x_refsource_BID
https://github.com/ImageMagick/ImageMagick/issues/666x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:11.491Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "name": "100468",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100468"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/666"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allows attackers to cause a denial of service via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "name": "100468",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100468"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/666"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-13058",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allows attackers to cause a denial of service via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "100468",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100468"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/666",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/666"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-13058",
    "datePublished": "2017-08-22T06:00:00",
    "dateReserved": "2017-08-22T00:00:00",
    "dateUpdated": "2024-08-05T18:58:11.491Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7538
Vulnerability from cvelistv5
Published
2017-04-20 18:00
Modified
2024-08-06 02:04
Severity ?
Summary
coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:04:54.935Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378775"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1556273"
          },
          {
            "name": "93131",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93131"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/148"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/82e2049862a8b8a999e160734ad64fb6cc3b145f"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-03-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-08T17:41:51",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378775"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1556273"
        },
        {
          "name": "93131",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93131"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/148"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/82e2049862a8b8a999e160734ad64fb6cc3b145f"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-7538",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378775",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378775"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1556273",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1556273"
            },
            {
              "name": "93131",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93131"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/148",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/148"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/82e2049862a8b8a999e160734ad64fb6cc3b145f",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/82e2049862a8b8a999e160734ad64fb6cc3b145f"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-7538",
    "datePublished": "2017-04-20T18:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T02:04:54.935Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-5509
Vulnerability from cvelistv5
Published
2017-03-24 15:00
Modified
2024-08-05 15:04
Severity ?
Summary
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:04:14.625Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2017/01/16/6"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851377"
          },
          {
            "name": "GLSA-201702-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201702-09"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/37a1710e2dab6ed91128ea648d654a22fbe2a6af"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/d4ec73f866a7c42a2e7f301fcd696e5cb7a7d3ab"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/350"
          },
          {
            "name": "95751",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95751"
          },
          {
            "name": "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2017/01/17/5"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-01-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-06-30T16:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2017/01/16/6"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851377"
        },
        {
          "name": "GLSA-201702-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201702-09"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/37a1710e2dab6ed91128ea648d654a22fbe2a6af"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/d4ec73f866a7c42a2e7f301fcd696e5cb7a7d3ab"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/350"
        },
        {
          "name": "95751",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95751"
        },
        {
          "name": "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2017/01/17/5"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2017-5509",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2017/01/16/6"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851377",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851377"
            },
            {
              "name": "GLSA-201702-09",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201702-09"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/37a1710e2dab6ed91128ea648d654a22fbe2a6af",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/37a1710e2dab6ed91128ea648d654a22fbe2a6af"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/d4ec73f866a7c42a2e7f301fcd696e5cb7a7d3ab",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/d4ec73f866a7c42a2e7f301fcd696e5cb7a7d3ab"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/350",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/350"
            },
            {
              "name": "95751",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95751"
            },
            {
              "name": "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2017/01/17/5"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2017-5509",
    "datePublished": "2017-03-24T15:00:00",
    "dateReserved": "2017-01-16T00:00:00",
    "dateUpdated": "2024-08-05T15:04:14.625Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-12974
Vulnerability from cvelistv5
Published
2019-06-26 17:07
Modified
2024-08-04 23:41
Severity ?
Summary
A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:41:10.035Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1515"
          },
          {
            "name": "108913",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108913"
          },
          {
            "name": "[debian-lts-announce] 20190816 [SECURITY] [DLA 1888-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html"
          },
          {
            "name": "openSUSE-SU-2019:1983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          },
          {
            "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-19T01:06:20",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1515"
        },
        {
          "name": "108913",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108913"
        },
        {
          "name": "[debian-lts-announce] 20190816 [SECURITY] [DLA 1888-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html"
        },
        {
          "name": "openSUSE-SU-2019:1983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        },
        {
          "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-12974",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1515",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1515"
            },
            {
              "name": "108913",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108913"
            },
            {
              "name": "[debian-lts-announce] 20190816 [SECURITY] [DLA 1888-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html"
            },
            {
              "name": "openSUSE-SU-2019:1983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            },
            {
              "name": "[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-12974",
    "datePublished": "2019-06-26T17:07:59",
    "dateReserved": "2019-06-26T00:00:00",
    "dateUpdated": "2024-08-04T23:41:10.035Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11524
Vulnerability from cvelistv5
Published
2017-07-23 03:00
Modified
2024-08-05 18:12
Severity ?
Summary
The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:40.273Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "99934",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99934"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/506"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867798"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-25T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "99934",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99934"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/506"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867798"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11524",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "99934",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99934"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/506",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/506"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867798",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867798"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11524",
    "datePublished": "2017-07-23T03:00:00",
    "dateReserved": "2017-07-22T00:00:00",
    "dateUpdated": "2024-08-05T18:12:40.273Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14343
Vulnerability from cvelistv5
Published
2017-09-12 17:00
Modified
2024-08-05 19:20
Severity ?
Summary
ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/649x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:20:41.651Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/649"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/649"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14343",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/649",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/649"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14343",
    "datePublished": "2017-09-12T17:00:00",
    "dateReserved": "2017-09-12T00:00:00",
    "dateUpdated": "2024-08-05T19:20:41.651Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11449
Vulnerability from cvelistv5
Published
2017-07-19 07:00
Modified
2024-08-05 18:12
Severity ?
Summary
coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:39.737Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/b007dd3a048097d8f58949297f5b434612e1e1a3"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/556"
          },
          {
            "name": "99958",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99958"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/529ff26b68febb2ac03062c58452ea0b4c6edbc1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867896"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-27T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/b007dd3a048097d8f58949297f5b434612e1e1a3"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/556"
        },
        {
          "name": "99958",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99958"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/529ff26b68febb2ac03062c58452ea0b4c6edbc1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867896"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11449",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/b007dd3a048097d8f58949297f5b434612e1e1a3",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/b007dd3a048097d8f58949297f5b434612e1e1a3"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/556",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/556"
            },
            {
              "name": "99958",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99958"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/529ff26b68febb2ac03062c58452ea0b4c6edbc1",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/529ff26b68febb2ac03062c58452ea0b4c6edbc1"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867896",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867896"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11449",
    "datePublished": "2017-07-19T07:00:00",
    "dateReserved": "2017-07-19T00:00:00",
    "dateUpdated": "2024-08-05T18:12:39.737Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-8349
Vulnerability from cvelistv5
Published
2017-04-30 17:00
Modified
2024-08-05 16:34
Severity ?
Summary
In ImageMagick 7.0.5-5, the ReadSFWImage function in sfw.c allows attackers to cause a denial of service (memory leak) via a crafted file.
References
https://github.com/ImageMagick/ImageMagick/issues/443x_refsource_CONFIRM
http://www.securityfocus.com/bid/98370vdb-entry, x_refsource_BID
http://www.debian.org/security/2017/dsa-3863vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:34:22.305Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/443"
          },
          {
            "name": "98370",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98370"
          },
          {
            "name": "DSA-3863",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3863"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-04-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-5, the ReadSFWImage function in sfw.c allows attackers to cause a denial of service (memory leak) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-03T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/443"
        },
        {
          "name": "98370",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98370"
        },
        {
          "name": "DSA-3863",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3863"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-8349",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-5, the ReadSFWImage function in sfw.c allows attackers to cause a denial of service (memory leak) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/443",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/443"
            },
            {
              "name": "98370",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98370"
            },
            {
              "name": "DSA-3863",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3863"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-8349",
    "datePublished": "2017-04-30T17:00:00",
    "dateReserved": "2017-04-30T00:00:00",
    "dateUpdated": "2024-08-05T16:34:22.305Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-5841
Vulnerability from cvelistv5
Published
2016-12-13 15:00
Modified
2024-08-06 01:15
Severity ?
Summary
Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:15:08.969Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commits/7.0.2-1"
          },
          {
            "name": "91394",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91394"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
          },
          {
            "name": "[oss-security] 20160625 Re: Fwd: out-of-bounds read in MagickCore/property.c:1396 could lead to memory leak/ Integer overflow read to RCE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/25/3"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b"
          },
          {
            "name": "[oss-security] 20160623 Fwd: out-of-bounds read in MagickCore/property.c:1396 could lead to memory leak/ Integer overflow read to RCE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/23/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-13T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commits/7.0.2-1"
        },
        {
          "name": "91394",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/91394"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
        },
        {
          "name": "[oss-security] 20160625 Re: Fwd: out-of-bounds read in MagickCore/property.c:1396 could lead to memory leak/ Integer overflow read to RCE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/25/3"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b"
        },
        {
          "name": "[oss-security] 20160623 Fwd: out-of-bounds read in MagickCore/property.c:1396 could lead to memory leak/ Integer overflow read to RCE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/23/1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-5841",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commits/7.0.2-1",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commits/7.0.2-1"
            },
            {
              "name": "91394",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/91394"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
            },
            {
              "name": "[oss-security] 20160625 Re: Fwd: out-of-bounds read in MagickCore/property.c:1396 could lead to memory leak/ Integer overflow read to RCE",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/25/3"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b"
            },
            {
              "name": "[oss-security] 20160623 Fwd: out-of-bounds read in MagickCore/property.c:1396 could lead to memory leak/ Integer overflow read to RCE",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/23/1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-5841",
    "datePublished": "2016-12-13T15:00:00",
    "dateReserved": "2016-06-23T00:00:00",
    "dateUpdated": "2024-08-06T01:15:08.969Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0817
Vulnerability from cvelistv5
Published
2004-09-17 04:00
Modified
2024-08-08 00:31
Severity ?
Summary
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:31:47.476Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2004:465",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-465.html"
          },
          {
            "name": "DSA-548",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-548"
          },
          {
            "name": "MDKSA-2004:089",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:089"
          },
          {
            "name": "imlib-bmp-bo(17182)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17182"
          },
          {
            "name": "201611",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
          },
          {
            "name": "CLA-2004:870",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
          },
          {
            "name": "11084",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11084"
          },
          {
            "name": "oval:org.mitre.oval:def:8843",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843"
          },
          {
            "name": "GLSA-200409-12",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-09-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2004:465",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-465.html"
        },
        {
          "name": "DSA-548",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-548"
        },
        {
          "name": "MDKSA-2004:089",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:089"
        },
        {
          "name": "imlib-bmp-bo(17182)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17182"
        },
        {
          "name": "201611",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
        },
        {
          "name": "CLA-2004:870",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
        },
        {
          "name": "11084",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11084"
        },
        {
          "name": "oval:org.mitre.oval:def:8843",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843"
        },
        {
          "name": "GLSA-200409-12",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0817",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2004:465",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-465.html"
            },
            {
              "name": "DSA-548",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-548"
            },
            {
              "name": "MDKSA-2004:089",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:089"
            },
            {
              "name": "imlib-bmp-bo(17182)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17182"
            },
            {
              "name": "201611",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
            },
            {
              "name": "CLA-2004:870",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
            },
            {
              "name": "11084",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11084"
            },
            {
              "name": "oval:org.mitre.oval:def:8843",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843"
            },
            {
              "name": "GLSA-200409-12",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0817",
    "datePublished": "2004-09-17T04:00:00",
    "dateReserved": "2004-08-25T00:00:00",
    "dateUpdated": "2024-08-08T00:31:47.476Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12433
Vulnerability from cvelistv5
Published
2017-08-04 10:00
Modified
2024-08-05 18:36
Severity ?
Summary
In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadPESImage in coders/pes.c, which allows attackers to cause a denial of service, related to ResizeMagickMemory in memory.c.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://github.com/ImageMagick/ImageMagick/issues/548x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:36:56.207Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/548"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadPESImage in coders/pes.c, which allows attackers to cause a denial of service, related to ResizeMagickMemory in memory.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/548"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12433",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadPESImage in coders/pes.c, which allows attackers to cause a denial of service, related to ResizeMagickMemory in memory.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/548",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/548"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12433",
    "datePublished": "2017-08-04T10:00:00",
    "dateReserved": "2017-08-04T00:00:00",
    "dateUpdated": "2024-08-05T18:36:56.207Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-13131
Vulnerability from cvelistv5
Published
2017-08-23 03:00
Modified
2024-08-05 18:58
Severity ?
Summary
In ImageMagick 7.0.6-8, a memory leak vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (memory consumption in NewLinkedList in MagickCore/linked-list.c) via a crafted file.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://security.gentoo.org/glsa/201711-07vendor-advisory, x_refsource_GENTOO
http://www.securityfocus.com/bid/100478vdb-entry, x_refsource_BID
https://github.com/ImageMagick/ImageMagick/issues/676x_refsource_CONFIRM
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:12.527Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "name": "100478",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100478"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/676"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-8, a memory leak vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (memory consumption in NewLinkedList in MagickCore/linked-list.c) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "name": "100478",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100478"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/676"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-13131",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-8, a memory leak vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (memory consumption in NewLinkedList in MagickCore/linked-list.c) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "100478",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100478"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/676",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/676"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-13131",
    "datePublished": "2017-08-23T03:00:00",
    "dateReserved": "2017-08-22T00:00:00",
    "dateUpdated": "2024-08-05T18:58:12.527Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11448
Vulnerability from cvelistv5
Published
2017-07-19 07:00
Modified
2024-08-05 18:12
Severity ?
Summary
The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:39.600Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867893"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/556"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/f6463ca9588579633bbaed9460899d892aa3c64a"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-08T18:50:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867893"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/556"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/f6463ca9588579633bbaed9460899d892aa3c64a"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11448",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867893",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867893"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/556",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/556"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/f6463ca9588579633bbaed9460899d892aa3c64a",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/f6463ca9588579633bbaed9460899d892aa3c64a"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11448",
    "datePublished": "2017-07-19T07:00:00",
    "dateReserved": "2017-07-19T00:00:00",
    "dateUpdated": "2024-08-05T18:12:39.600Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-9854
Vulnerability from cvelistv5
Published
2017-03-17 14:00
Modified
2024-08-06 13:55
Severity ?
Summary
coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image."
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:55:04.442Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "openSUSE-SU-2016:1833",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=5ee6f49297c8137cae527429e0267462c14ec3ed"
          },
          {
            "name": "SUSE-SU-2016:1782",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html"
          },
          {
            "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
          },
          {
            "name": "openSUSE-SU-2016:1748",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
          },
          {
            "name": "SUSE-SU-2016:1784",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343514"
          },
          {
            "name": "USN-3131-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3131-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.imagemagick.org/repos/ImageMagick/commit/7fb9b7e095a65b4528d0180e26574f2bc7cd0e8b"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the \"identification of image.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-17T13:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "openSUSE-SU-2016:1833",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=5ee6f49297c8137cae527429e0267462c14ec3ed"
        },
        {
          "name": "SUSE-SU-2016:1782",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html"
        },
        {
          "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
        },
        {
          "name": "openSUSE-SU-2016:1748",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
        },
        {
          "name": "SUSE-SU-2016:1784",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343514"
        },
        {
          "name": "USN-3131-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3131-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.imagemagick.org/repos/ImageMagick/commit/7fb9b7e095a65b4528d0180e26574f2bc7cd0e8b"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9854",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the \"identification of image.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "openSUSE-SU-2016:1833",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html"
            },
            {
              "name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=5ee6f49297c8137cae527429e0267462c14ec3ed",
              "refsource": "CONFIRM",
              "url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=5ee6f49297c8137cae527429e0267462c14ec3ed"
            },
            {
              "name": "SUSE-SU-2016:1782",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html"
            },
            {
              "name": "[oss-security] 20160602 Re: ImageMagick CVEs",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
            },
            {
              "name": "openSUSE-SU-2016:1748",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html"
            },
            {
              "name": "SUSE-SU-2016:1784",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343514",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343514"
            },
            {
              "name": "USN-3131-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3131-1"
            },
            {
              "name": "http://git.imagemagick.org/repos/ImageMagick/commit/7fb9b7e095a65b4528d0180e26574f2bc7cd0e8b",
              "refsource": "CONFIRM",
              "url": "http://git.imagemagick.org/repos/ImageMagick/commit/7fb9b7e095a65b4528d0180e26574f2bc7cd0e8b"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9854",
    "datePublished": "2017-03-17T14:00:00",
    "dateReserved": "2016-06-02T00:00:00",
    "dateUpdated": "2024-08-06T13:55:04.442Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-8678
Vulnerability from cvelistv5
Published
2017-02-15 21:00
Modified
2024-08-06 02:27
Severity ?
Summary
The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the vendor says "This is a Q64 issue and we do not support Q64."
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:27:41.244Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1385694"
          },
          {
            "name": "[oss-security] 20161208 Re: imagemagick: heap-based buffer overflow in IsPixelMonochrome (pixel-accessor.h)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/08/18"
          },
          {
            "name": "[oss-security] 20161015 Re: imagemagick: heap-based buffer overflow in IsPixelMonochrome (pixel-accessor.h)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/10/16/2"
          },
          {
            "name": "93599",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93599"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/272"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-10-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file.  NOTE: the vendor says \"This is a Q64 issue and we do not support Q64.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-02-15T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1385694"
        },
        {
          "name": "[oss-security] 20161208 Re: imagemagick: heap-based buffer overflow in IsPixelMonochrome (pixel-accessor.h)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/08/18"
        },
        {
          "name": "[oss-security] 20161015 Re: imagemagick: heap-based buffer overflow in IsPixelMonochrome (pixel-accessor.h)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/10/16/2"
        },
        {
          "name": "93599",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93599"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/272"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-8678",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file.  NOTE: the vendor says \"This is a Q64 issue and we do not support Q64.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1385694",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1385694"
            },
            {
              "name": "[oss-security] 20161208 Re: imagemagick: heap-based buffer overflow in IsPixelMonochrome (pixel-accessor.h)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/08/18"
            },
            {
              "name": "[oss-security] 20161015 Re: imagemagick: heap-based buffer overflow in IsPixelMonochrome (pixel-accessor.h)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/10/16/2"
            },
            {
              "name": "93599",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93599"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/272",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/272"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-8678",
    "datePublished": "2017-02-15T21:00:00",
    "dateReserved": "2016-10-15T00:00:00",
    "dateUpdated": "2024-08-06T02:27:41.244Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-17965
Vulnerability from cvelistv5
Published
2018-10-03 18:00
Modified
2024-08-05 11:01
Severity ?
Summary
ImageMagick 7.0.7-28 has a memory leak vulnerability in WriteSGIImage in coders/sgi.c.
References
https://github.com/ImageMagick/ImageMagick/issues/1052x_refsource_MISC
https://usn.ubuntu.com/4034-1/vendor-advisory, x_refsource_UBUNTU
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T11:01:14.803Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1052"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-10-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.7-28 has a memory leak vulnerability in WriteSGIImage in coders/sgi.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-06-25T14:06:15",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1052"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-17965",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.7-28 has a memory leak vulnerability in WriteSGIImage in coders/sgi.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1052",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1052"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-17965",
    "datePublished": "2018-10-03T18:00:00",
    "dateReserved": "2018-10-03T00:00:00",
    "dateUpdated": "2024-08-05T11:01:14.803Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27763
Vulnerability from cvelistv5
Published
2020-12-03 00:00
Modified
2024-08-04 16:18
Severity ?
Summary
A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.8-68.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.694Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894682"
          },
          {
            "name": "[debian-lts-announce] 20210112 [SECURITY] [DLA 2523-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 7.0.8-68"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.8-68."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-369",
              "description": "CWE-369",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894682"
        },
        {
          "name": "[debian-lts-announce] 20210112 [SECURITY] [DLA 2523-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27763",
    "datePublished": "2020-12-03T00:00:00",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.694Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-9409
Vulnerability from cvelistv5
Published
2017-06-02 19:00
Modified
2024-09-17 03:34
Severity ?
Summary
In ImageMagick 7.0.5-5, the ReadMPCImage function in mpc.c allows attackers to cause a denial of service (memory leak) via a crafted file.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:02:44.382Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/458"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-5, the ReadMPCImage function in mpc.c allows attackers to cause a denial of service (memory leak) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-06-02T19:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/458"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-9409",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-5, the ReadMPCImage function in mpc.c allows attackers to cause a denial of service (memory leak) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/458",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/458"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-9409",
    "datePublished": "2017-06-02T19:00:00Z",
    "dateReserved": "2017-06-02T00:00:00Z",
    "dateUpdated": "2024-09-17T03:34:28.871Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27773
Vulnerability from cvelistv5
Published
2020-12-04 00:00
Modified
2024-08-04 16:25
Severity ?
Summary
A flaw was found in ImageMagick in MagickCore/gem-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char` or division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:25:42.454Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898295"
          },
          {
            "name": "[debian-lts-announce] 20210112 [SECURITY] [DLA 2523-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ImageMagick 7.0.9-0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in ImageMagick in MagickCore/gem-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char` or division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-369",
              "description": "(CWE-369|CWE-190)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898295"
        },
        {
          "name": "[debian-lts-announce] 20210112 [SECURITY] [DLA 2523-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27773",
    "datePublished": "2020-12-04T00:00:00",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:25:42.454Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-9144
Vulnerability from cvelistv5
Published
2017-05-22 14:00
Modified
2024-08-05 16:55
Severity ?
Summary
In ImageMagick 7.0.5-5, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:55:22.357Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-3863",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3863"
          },
          {
            "name": "98603",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98603"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/f6240ee77847787f6d7618b669d3a2040a2d6d40"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-05-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.5-5, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-06T20:48:09",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-3863",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3863"
        },
        {
          "name": "98603",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98603"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/f6240ee77847787f6d7618b669d3a2040a2d6d40"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-9144",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.5-5, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-3863",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3863"
            },
            {
              "name": "98603",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98603"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/f6240ee77847787f6d7618b669d3a2040a2d6d40",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/f6240ee77847787f6d7618b669d3a2040a2d6d40"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-9144",
    "datePublished": "2017-05-22T14:00:00",
    "dateReserved": "2017-05-22T00:00:00",
    "dateUpdated": "2024-08-05T16:55:22.357Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-17504
Vulnerability from cvelistv5
Published
2017-12-11 02:00
Modified
2024-08-05 20:51
Severity ?
Summary
ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage.
References
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://www.debian.org/security/2017/dsa-4074vendor-advisory, x_refsource_DEBIAN
https://github.com/ImageMagick/ImageMagick/issues/872x_refsource_CONFIRM
https://lists.debian.org/debian-lts-announce/2018/01/msg00000.htmlmailing-list, x_refsource_MLIST
https://www.debian.org/security/2018/dsa-4204vendor-advisory, x_refsource_DEBIAN
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T20:51:32.309Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "DSA-4074",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-4074"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/872"
          },
          {
            "name": "[debian-lts-announce] 20180101 [SECURITY] [DLA 1227-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00000.html"
          },
          {
            "name": "DSA-4204",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4204"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "DSA-4074",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-4074"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/872"
        },
        {
          "name": "[debian-lts-announce] 20180101 [SECURITY] [DLA 1227-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00000.html"
        },
        {
          "name": "DSA-4204",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4204"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17504",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "DSA-4074",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-4074"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/872",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/872"
            },
            {
              "name": "[debian-lts-announce] 20180101 [SECURITY] [DLA 1227-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00000.html"
            },
            {
              "name": "DSA-4204",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4204"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17504",
    "datePublished": "2017-12-11T02:00:00",
    "dateReserved": "2017-12-10T00:00:00",
    "dateUpdated": "2024-08-05T20:51:32.309Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12563
Vulnerability from cvelistv5
Published
2017-08-05 18:00
Modified
2024-08-05 18:43
Severity ?
Summary
In ImageMagick 7.0.6-2, a memory exhaustion vulnerability was found in the function ReadPSDImage in coders/psd.c, which allows attackers to cause a denial of service.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:43:55.933Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/599"
          },
          {
            "name": "100153",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100153"
          },
          {
            "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-2, a memory exhaustion vulnerability was found in the function ReadPSDImage in coders/psd.c, which allows attackers to cause a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:23",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/599"
        },
        {
          "name": "100153",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100153"
        },
        {
          "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-12563",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-2, a memory exhaustion vulnerability was found in the function ReadPSDImage in coders/psd.c, which allows attackers to cause a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/599",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/599"
            },
            {
              "name": "100153",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100153"
            },
            {
              "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-12563",
    "datePublished": "2017-08-05T18:00:00",
    "dateReserved": "2017-08-05T00:00:00",
    "dateUpdated": "2024-08-05T18:43:55.933Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-10251
Vulnerability from cvelistv5
Published
2020-03-10 03:58
Modified
2024-08-04 10:58
Severity ?
Summary
In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image.
References
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T10:58:39.987Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1859"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-03-10T03:58:33",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1859"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-10251",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1859",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1859"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-10251",
    "datePublished": "2020-03-10T03:58:33",
    "dateReserved": "2020-03-09T00:00:00",
    "dateUpdated": "2024-08-04T10:58:39.987Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-14533
Vulnerability from cvelistv5
Published
2017-09-18 01:00
Modified
2024-08-05 19:27
Severity ?
Summary
ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c.
References
https://github.com/ImageMagick/ImageMagick/issues/648x_refsource_CONFIRM
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
http://www.securityfocus.com/bid/100885vdb-entry, x_refsource_BID
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:27:40.898Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/648"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "100885",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100885"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-13T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/648"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "100885",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100885"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-14533",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/648",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/648"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "100885",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100885"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-14533",
    "datePublished": "2017-09-18T01:00:00",
    "dateReserved": "2017-09-17T00:00:00",
    "dateUpdated": "2024-08-05T19:27:40.898Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-7396
Vulnerability from cvelistv5
Published
2019-02-05 00:00
Modified
2024-08-04 20:46
Severity ?
Summary
In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:46:46.132Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1452"
          },
          {
            "name": "106849",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/106849"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce"
          },
          {
            "name": "openSUSE-SU-2019:1141",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html"
          },
          {
            "name": "USN-4034-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4034-1/"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2019-02-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-01T11:06:18",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1452"
        },
        {
          "name": "106849",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/106849"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce"
        },
        {
          "name": "openSUSE-SU-2019:1141",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html"
        },
        {
          "name": "USN-4034-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4034-1/"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-7396",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1452",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1452"
            },
            {
              "name": "106849",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/106849"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce"
            },
            {
              "name": "openSUSE-SU-2019:1141",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html"
            },
            {
              "name": "USN-4034-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4034-1/"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-7396",
    "datePublished": "2019-02-05T00:00:00",
    "dateReserved": "2019-02-04T00:00:00",
    "dateUpdated": "2024-08-04T20:46:46.132Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-16708
Vulnerability from cvelistv5
Published
2019-09-23 11:46
Modified
2024-08-05 01:17
Severity ?
Summary
ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:17:41.106Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/1531"
          },
          {
            "name": "USN-4192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4192-1/"
          },
          {
            "name": "openSUSE-SU-2019:2515",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
          },
          {
            "name": "openSUSE-SU-2019:2519",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
          },
          {
            "name": "DSA-4712",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4712"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-01T11:06:17",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/1531"
        },
        {
          "name": "USN-4192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4192-1/"
        },
        {
          "name": "openSUSE-SU-2019:2515",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
        },
        {
          "name": "openSUSE-SU-2019:2519",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
        },
        {
          "name": "DSA-4712",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4712"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-16708",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/1531",
              "refsource": "MISC",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/1531"
            },
            {
              "name": "USN-4192-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4192-1/"
            },
            {
              "name": "openSUSE-SU-2019:2515",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html"
            },
            {
              "name": "openSUSE-SU-2019:2519",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html"
            },
            {
              "name": "DSA-4712",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4712"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-16708",
    "datePublished": "2019-09-23T11:46:19",
    "dateReserved": "2019-09-23T00:00:00",
    "dateUpdated": "2024-08-05T01:17:41.106Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11526
Vulnerability from cvelistv5
Published
2017-07-23 03:00
Modified
2024-08-05 18:12
Severity ?
Summary
The ReadOneMNGImage function in coders/png.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted file.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:40.231Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867825"
          },
          {
            "name": "99932",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99932"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/527"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadOneMNGImage function in coders/png.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-25T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867825"
        },
        {
          "name": "99932",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99932"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/527"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11526",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadOneMNGImage function in coders/png.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867825",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867825"
            },
            {
              "name": "99932",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99932"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/527",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/527"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11526",
    "datePublished": "2017-07-23T03:00:00",
    "dateReserved": "2017-07-22T00:00:00",
    "dateUpdated": "2024-08-05T18:12:40.231Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-13061
Vulnerability from cvelistv5
Published
2017-08-22 06:00
Modified
2024-08-05 18:58
Severity ?
Summary
In ImageMagick 7.0.6-5, a length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which allows attackers to cause a denial of service (ReadPSDImage memory exhaustion) via a crafted file.
References
https://github.com/ImageMagick/ImageMagick/issues/645x_refsource_CONFIRM
https://usn.ubuntu.com/3681-1/vendor-advisory, x_refsource_UBUNTU
https://security.gentoo.org/glsa/201711-07vendor-advisory, x_refsource_GENTOO
http://www.securityfocus.com/bid/100481vdb-entry, x_refsource_BID
https://lists.debian.org/debian-lts-announce/2020/09/msg00007.htmlmailing-list, x_refsource_MLIST
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:11.989Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/645"
          },
          {
            "name": "USN-3681-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3681-1/"
          },
          {
            "name": "GLSA-201711-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-07"
          },
          {
            "name": "100481",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100481"
          },
          {
            "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-08-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In ImageMagick 7.0.6-5, a length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which allows attackers to cause a denial of service (ReadPSDImage memory exhaustion) via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-07T23:06:31",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/645"
        },
        {
          "name": "USN-3681-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3681-1/"
        },
        {
          "name": "GLSA-201711-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-07"
        },
        {
          "name": "100481",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100481"
        },
        {
          "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-13061",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In ImageMagick 7.0.6-5, a length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which allows attackers to cause a denial of service (ReadPSDImage memory exhaustion) via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/645",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/645"
            },
            {
              "name": "USN-3681-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3681-1/"
            },
            {
              "name": "GLSA-201711-07",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-07"
            },
            {
              "name": "100481",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100481"
            },
            {
              "name": "[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-13061",
    "datePublished": "2017-08-22T06:00:00",
    "dateReserved": "2017-08-22T00:00:00",
    "dateUpdated": "2024-08-05T18:58:11.989Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-11447
Vulnerability from cvelistv5
Published
2017-07-19 07:00
Modified
2024-08-05 18:12
Severity ?
Summary
The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick before 7.0.6-1 has memory leaks, causing denial of service.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:12:39.838Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/556"
          },
          {
            "name": "99948",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99948"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867897"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/72a50e400d98d7a2fd610caedfeb9af043dc5582"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick before 7.0.6-1 has memory leaks, causing denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-08T17:24:15",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/556"
        },
        {
          "name": "99948",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99948"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867897"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/72a50e400d98d7a2fd610caedfeb9af043dc5582"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-11447",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick before 7.0.6-1 has memory leaks, causing denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/556",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/556"
            },
            {
              "name": "99948",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99948"
            },
            {
              "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867897",
              "refsource": "CONFIRM",
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867897"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/72a50e400d98d7a2fd610caedfeb9af043dc5582",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/72a50e400d98d7a2fd610caedfeb9af043dc5582"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-11447",
    "datePublished": "2017-07-19T07:00:00",
    "dateReserved": "2017-07-19T00:00:00",
    "dateUpdated": "2024-08-05T18:12:39.838Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-8716
Vulnerability from cvelistv5
Published
2017-04-11 19:00
Modified
2024-08-06 13:26
Severity ?
Summary
The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and crash).
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:26:02.500Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26456"
          },
          {
            "name": "70992",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/70992"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1164248"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-10-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and crash)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-11T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26456"
        },
        {
          "name": "70992",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/70992"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1164248"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-8716",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and crash)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26456",
              "refsource": "MISC",
              "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3\u0026t=26456"
            },
            {
              "name": "70992",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/70992"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1164248",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1164248"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-8716",
    "datePublished": "2017-04-11T19:00:00",
    "dateReserved": "2014-11-09T00:00:00",
    "dateUpdated": "2024-08-06T13:26:02.500Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-7515
Vulnerability from cvelistv5
Published
2017-04-19 14:00
Modified
2024-08-06 01:57
Severity ?
Summary
The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the number of pixels.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:57:47.686Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378741"
          },
          {
            "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
          },
          {
            "name": "93120",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93120"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533445"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/issues/82"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ImageMagick/ImageMagick/commit/2ad6d33493750a28a5a655d319a8e0b16c392de1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the number of pixels."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-19T11:57:01",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378741"
        },
        {
          "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
        },
        {
          "name": "93120",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93120"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533445"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/issues/82"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ImageMagick/ImageMagick/commit/2ad6d33493750a28a5a655d319a8e0b16c392de1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2016-7515",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the number of pixels."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378741",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378741"
            },
            {
              "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
            },
            {
              "name": "93120",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93120"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533445",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533445"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/issues/82",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/issues/82"
            },
            {
              "name": "https://github.com/ImageMagick/ImageMagick/commit/2ad6d33493750a28a5a655d319a8e0b16c392de1",
              "refsource": "CONFIRM",
              "url": "https://github.com/ImageMagick/ImageMagick/commit/2ad6d33493750a28a5a655d319a8e0b16c392de1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2016-7515",
    "datePublished": "2017-04-19T14:00:00",
    "dateReserved": "2016-09-09T00:00:00",
    "dateUpdated": "2024-08-06T01:57:47.686Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-25675
Vulnerability from cvelistv5
Published
2020-12-08 00:00
Modified
2024-08-04 15:40
Severity ?
Summary
In the CropImage() and CropImageToTiles() routines of MagickCore/transform.c, rounding calculations performed on unconstrained pixel offsets was causing undefined behavior in the form of integer overflow and out-of-range values as reported by UndefinedBehaviorSanitizer. Such issues could cause a negative impact to application availability or other problems related to undefined behavior, in cases where ImageMagick processes untrusted input data. The upstream patch introduces functionality to constrain the pixel offsets and prevent these issues. This flaw affects ImageMagick versions prior to 7.0.9-0.
Impacted products
n/aImageMagick
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:40:36.627Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891933"
          },
          {
            "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
          },
          {
            "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageMagick",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "prior to 7.0.9-0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the CropImage() and CropImageToTiles() routines of MagickCore/transform.c, rounding calculations performed on unconstrained pixel offsets was causing undefined behavior in the form of integer overflow and out-of-range values as reported by UndefinedBehaviorSanitizer. Such issues could cause a negative impact to application availability or other problems related to undefined behavior, in cases where ImageMagick processes untrusted input data. The upstream patch introduces functionality to constrain the pixel offsets and prevent these issues. This flaw affects ImageMagick versions prior to 7.0.9-0."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-11T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891933"
        },
        {
          "name": "[debian-lts-announce] 20210323 [SECURITY] [DLA 2602-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html"
        },
        {
          "name": "[debian-lts-announce] 20230311 [SECURITY] [DLA 3357-1] imagemagick security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-25675",
    "datePublished": "2020-12-08T00:00:00",
    "dateReserved": "2020-09-16T00:00:00",
    "dateUpdated": "2024-08-04T15:40:36.627Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

var-200704-0229
Vulnerability from variot

Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow. X.Org and XFree86 of libXfont Used in FontFileInitTable() Functions include fonts.dir An integer overflow vulnerability exists when an excessively long string is specified on the first line of a file.X Denial of service caused by a crash caused by a malicious user who can connect to the server (DoS) State, or X Server execution authority (root) May execute arbitrary code. The 'libXfont' library is prone to multiple local integer-overflow vulnerabilities because it fails to adequately bounds-check user-supplied data. An attacker can exploit these vulnerabilities to execute arbitrary code with superuser privileges. Failed exploit attempts will likely cause denial-of-service conditions. These issues affect libXfont 1.2.2; other versions may also be vulnerable. X.Org is an official reference implementation of the X Window System operated by the X.Org Foundation. X.Org's LibXFont library has an integer overflow when parsing BDF fonts, allowing attackers to cause heap overflow through specially crafted BDF fonts. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200705-10


                                        http://security.gentoo.org/

Severity: High Title: LibXfont, TightVNC: Multiple vulnerabilities Date: May 08, 2007 Bugs: #172575, #174200 ID: 200705-10


Synopsis

Multiple vulnerabilities have been reported in libXfont and TightVNC, allowing for the execution of arbitrary code with root privileges.

Background

LibXfont is the X.Org font library. TightVNC is a VNC client/server for X displays.

Affected packages

-------------------------------------------------------------------
 Package            /  Vulnerable  /                    Unaffected
-------------------------------------------------------------------

1 net-misc/tightvnc < 1.2.9-r4 >= 1.2.9-r4 2 x11-libs/libXfont < 1.2.7-r1 >= 1.2.7-r1 ------------------------------------------------------------------- 2 affected packages on all of their supported architectures. -------------------------------------------------------------------

Description

The libXfont code is prone to several integer overflows, in functions ProcXCMiscGetXIDList(), bdfReadCharacters() and FontFileInitTable(). TightVNC contains a local copy of this code and is also affected.

Impact

A local attacker could use a specially crafted BDF Font to gain root privileges on the vulnerable host.

Resolution

All libXfont users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-libs/libXfont-1.2.7-r1"

All TightVNC users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/tightvnc-1.2.9-r4"

References

[ 1 ] CVE-2007-1003 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1003 [ 2 ] CVE-2007-1351 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351 [ 3 ] CVE-2007-1352 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1352

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200705-10.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5 .

The vulnerability exists in the ProcXCMiscGetXIDList() function in the XC-MISC extension. This request is used to determine what resource IDs are available for use. This function contains two vulnerabilities, both result in memory corruption of either the stack or heap. The ALLOCATE_LOCAL() macro used by this function allocates memory on the stack using alloca() on systems where alloca() is present, or using the heap otherwise. The handler function takes a user provided value, multiplies it, and then passes it to the above macro. This results in both an integer overflow vulnerability, and an alloca() stack pointer shifting vulnerability. (CVE-2007-1003)

iDefense reported two integer overflows in the way X.org handled various font files. (CVE-2007-1351, CVE-2007-1352)

TightVNC uses some of the same code base as Xorg, and has the same vulnerable code.


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1003 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1352


Updated Packages:

Mandriva Linux 2007.1: 9c14a56106984cd16780a1fd7e9c7beb 2007.1/i586/tightvnc-1.2.9-16.1mdv2007.1.i586.rpm 8aa3673bc8843dae12d9f18c4226214e 2007.1/i586/tightvnc-doc-1.2.9-16.1mdv2007.1.i586.rpm d78d10a879bc1b1c461f75b815dcd656 2007.1/i586/tightvnc-server-1.2.9-16.1mdv2007.1.i586.rpm 59e94b523bc078f3997f689dae0e22b5 2007.1/SRPMS/tightvnc-1.2.9-16.1mdv2007.1.src.rpm

Mandriva Linux 2007.1/X86_64: 26e585c8ba950720c17ea4ce1373c05c 2007.1/x86_64/tightvnc-1.2.9-16.1mdv2007.1.x86_64.rpm 6f031ef92c5bec87488bba5861f0d41e 2007.1/x86_64/tightvnc-doc-1.2.9-16.1mdv2007.1.x86_64.rpm 205e13d0c46dc25bfa39c7dcfafe6dcb 2007.1/x86_64/tightvnc-server-1.2.9-16.1mdv2007.1.x86_64.rpm 59e94b523bc078f3997f689dae0e22b5 2007.1/SRPMS/tightvnc-1.2.9-16.1mdv2007.1.src.rpm


To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.


Secunia is proud to announce the availability of the Secunia Software Inspector.

The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor.

Try it out online: http://secunia.com/software_inspector/


TITLE: Linux-PAM Login Bypass Security Vulnerability

SECUNIA ADVISORY ID: SA23858

VERIFY ADVISORY: http://secunia.com/advisories/23858/

CRITICAL: Moderately critical

IMPACT: Security Bypass

WHERE:

From remote

SOFTWARE: Linux-PAM 0.x http://secunia.com/product/1701/

DESCRIPTION: A vulnerability has been reported in Linux-PAM, which can be exploited by malicious people to bypass certain security restrictions. This can be exploited to login with any given password if the hash in the passwd file is "!!" or similar.

SOLUTION: Update to version 0.99.7.1.

PROVIDED AND/OR DISCOVERED BY: Bernardo Innocenti

ORIGINAL ADVISORY: https://www.redhat.com/archives/pam-list/2007-January/msg00017.html http://www.redhat.com/archives/fedora-devel-list/2007-January/msg01277.html


About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


. Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability

iDefense Security Advisory 04.03.07 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 03, 2007

I. BACKGROUND

The X Window System (or X11) is a graphical windowing system used on Unix-like systems. It is based on a client/server model. More information about about The X Window system is available at the following URL.

http://en.wikipedia.org/wiki/X_Window_System

II. DESCRIPTION

Local exploitation of an integer overflow vulnerability in multiple vendors' implementations of the X Window System font information file parsing component could allow execution of arbitrary commands with elevated privileges.

The vulnerability specifically exists in the parsing of the "fonts.dir" font information file. When the element count on the first line of the file specifies it contains more than 1,073,741,824 (2 to the power of 30) elements, a potentially exploitable heap overflow condition occurs.

III.

As the X11 server requires direct access to video hardware, it runs with elevated privileges. A user compromising an X server would gain those permissions.

In order to exploit this vulnerability, an attacker would need to be able to cause the X server to use a maliciously constructed font. The X11 server contains multiple methods for a user to define additional paths to look for fonts. An exploit has been developed using the "-fp" command line option to the X11 server to pass the location of the attack to the server. It is also possible to use "xset" command with the "fp" option to perform an attack on an already running server.

Some distributions allow users to start the X11 server only if they are logged on at the console, while others will allow any user to start it.

Attempts at exploiting this vulnerability may put the console into an unusable state. This will not prevent repeated exploitation attempts.

IV. DETECTION

iDefense has confirmed the existence of this vulnerability in X.Org X11R7.1.

V. WORKAROUND

iDefense is currently unaware of any effective workaround for this issue.

VI. VENDOR RESPONSE

The X.Org Foundation has addressed this vulnerability with source code patches. More information can be found from their advisory at the following URL.

http://lists.freedesktop.org/archives/xorg-announce/2007-april/0286.html

VII. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2007-1352 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org/), which standardizes names for security problems.

VIII. DISCLOSURE TIMELINE

02/21/2007 Initial vendor notification 02/21/2007 Initial vendor response 04/03/2007 Coordinated public disclosure

IX. CREDIT

This vulnerability was discovered by Greg MacManus of iDefense Labs.

Get paid for vulnerability research http://labs.idefense.com/methodology/vulnerability/vcp.php

Free tools, research and upcoming events http://labs.idefense.com/

X. LEGAL NOTICES

Copyright \xa9 2007 iDefense, Inc.

Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDefense. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please e-mail customerservice@idefense.com for permission.

Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information. =========================================================== Ubuntu Security Notice USN-448-1 April 03, 2007 freetype, libxfont, xorg, xorg-server vulnerabilities CVE-2007-1003, CVE-2007-1351, CVE-2007-1352 ===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.10 Ubuntu 6.06 LTS Ubuntu 6.10

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 5.10: libfreetype6 2.1.7-2.4ubuntu1.3 libxfont1 1:0.99.0+cvs.20050909-1.3 xserver-xorg-core 6.8.2-77.3

Ubuntu 6.06 LTS: libfreetype6 2.1.10-1ubuntu2.3 libxfont1 1:1.0.0-0ubuntu3.3 xserver-xorg-core 1:1.0.2-0ubuntu10.6

Ubuntu 6.10: libfreetype6 2.2.1-5ubuntu0.1 libxfont1 1:1.2.0-0ubuntu3.1 xserver-xorg-core 1:1.1.1-0ubuntu12.2

After a standard system upgrade you need to reboot your computer to effect the necessary changes.

Details follow:

Sean Larsson of iDefense Labs discovered that the MISC-XC extension of Xorg did not correctly verify the size of allocated memory. (CVE-2007-1003)

Greg MacManus of iDefense Labs discovered that the BDF font handling code in Xorg and FreeType did not correctly verify the size of allocated memory. (CVE-2007-1351, CVE-2007-1352)

Updated packages for Ubuntu 5.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7-2.4ubuntu1.3.diff.gz
  Size/MD5:    57463 b8f6fa3ee48672ceca86bf9625536545
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7-2.4ubuntu1.3.dsc
  Size/MD5:      695 b4b76f4eb02a68844666cecef2655e87
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7.orig.tar.gz
  Size/MD5:  1245623 991ff86e88b075ba363e876f4ea58680
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_0.99.0+cvs.20050909-1.3.diff.gz
  Size/MD5:     7087 fa6f3d6472398c4afe51232508d5bd25
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_0.99.0+cvs.20050909-1.3.dsc
  Size/MD5:      771 220ed305b077585687ccec6564955b03
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_0.99.0+cvs.20050909.orig.tar.gz
  Size/MD5:   788911 32b390bd94e4250475702e668b2bf243
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xorg_6.8.2-77.3.diff.gz
  Size/MD5:  2491611 eaa8cba7cdd69c746d88c0c28fe51c5c
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xorg_6.8.2-77.3.dsc
  Size/MD5:     3728 9ae8a29c6619763c73ac3c7554615886
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xorg_6.8.2.orig.tar.gz
  Size/MD5: 49471925 34cba217afe2c547e3a72657a3a27e37

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xbase-clients_6.8.2-77.3_all.deb
  Size/MD5:    65788 12bad26276ea4cb67cd2ef6959e8dc59
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-data_6.8.2-77.3_all.deb
  Size/MD5:    72432 2c968bd2d7fcc1f5f7ebbc07193f58a5
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-dev_6.8.2-77.3_all.deb
  Size/MD5:    65560 073f34a0d879c566823c70a701e40aeb
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs_6.8.2-77.3_all.deb
  Size/MD5:    92072 af61cbb4688ff1affeed10a82a8660dc
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xorg-common_6.8.2-77.3_all.deb
  Size/MD5:   715620 e4f2e86619a5f21ed660eca3f03897e3
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xutils_6.8.2-77.3_all.deb
  Size/MD5:    65536 e1edff49971cdb0872f71941f37950b3

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.3_amd64.deb
  Size/MD5:    75540 9be3f1b17f6ca112f2907b69d1e87ffa
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.3_amd64.deb
  Size/MD5:   722918 748a13b1cfbdf910d89f435a822d0546
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.3_amd64.udeb
  Size/MD5:   241784 bc3519b183a983495121373cd78c9456
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.3_amd64.deb
  Size/MD5:   392948 d6f2e48fe489ca394fad153c07400d14
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_0.99.0+cvs.20050909-1.3_amd64.deb
  Size/MD5:   297970 157c10e1e0db8aced07b462777318da5
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_0.99.0+cvs.20050909-1.3_amd64.deb
  Size/MD5:   377708 bfc5fba5bc6305a66dc0836712e7a91b
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_0.99.0+cvs.20050909-1.3_amd64.deb
  Size/MD5:   243588 f275099ce971aa990f3d28e0d7aea5f3
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-core_6.8.2-77.3_amd64.deb
  Size/MD5:    65746 e85a37b8b5ca3e0150961324914dd38a
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-dev_6.8.2-77.3_amd64.deb
  Size/MD5:    65774 dd5d197fe97c558ec418dde967a914a1
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdmx_6.8.2-77.3_amd64.deb
  Size/MD5:  1029630 40e93609ec560b44558b86cc717d2991
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-dev_6.8.2-77.3_amd64.deb
  Size/MD5:   117402 35860dfb00719c6fffddb2b4a5747abd
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-pic_6.8.2-77.3_amd64.deb
  Size/MD5:   113704 24f40fbf5593dd653e72f6c2797516c0
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xnest_6.8.2-77.3_amd64.deb
  Size/MD5:  1526642 e357f9979668602743c2596992abee80
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-common_6.8.2-77.3_amd64.deb
  Size/MD5:   123324 d10670b3b2a2ae50b816062e004d1b7f
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-core_6.8.2-77.3_amd64.deb
  Size/MD5:  3993068 d361ba44f7464198b2d990dd2f939ff3
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-dbg_6.8.2-77.3_amd64.deb
  Size/MD5:  4773852 f644788b79b0d0a6deb0bb3e27743416
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-apm_6.8.2-77.3_amd64.deb
  Size/MD5:   126370 521f72819330e496e89a253021cf5215
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ark_6.8.2-77.3_amd64.deb
  Size/MD5:    73882 3ebb4a5f56625e7b78d9e536072bc763
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ati_6.8.2-77.3_amd64.deb
  Size/MD5:   324240 e01da75bc223cdd1b8699b19291334d6
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-chips_6.8.2-77.3_amd64.deb
  Size/MD5:   152244 43f0e543b835068278f56c60690769bf
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cirrus_6.8.2-77.3_amd64.deb
  Size/MD5:   101702 9ebbefa73e1c3194b6c04269fdb292d8
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cyrix_6.8.2-77.3_amd64.deb
  Size/MD5:    81032 5d524764bb1c2bd8b918ed563b68886e
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-dummy_6.8.2-77.3_amd64.deb
  Size/MD5:    70664 2db770e3cc6802174762f55c99ffd1b4
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-fbdev_6.8.2-77.3_amd64.deb
  Size/MD5:    74290 49d5ffa068a163464a569a4c8cd662f1
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glint_6.8.2-77.3_amd64.deb
  Size/MD5:   160244 e59c1b781ec041ac3df2486743ba07cc
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i128_6.8.2-77.3_amd64.deb
  Size/MD5:    89792 4b5528d20347eb721df443aa14be6084
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i810_6.8.2-77.3_amd64.deb
  Size/MD5:   168474 a98c9ebf3b71b96066ee96c461e51de1
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-mga_6.8.2-77.3_amd64.deb
  Size/MD5:   154206 f146cd927b79c7f43fc4afe904fd7028
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-neomagic_6.8.2-77.3_amd64.deb
  Size/MD5:    99620 45382b9464fc7c21021ca81f7601977a
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nv_6.8.2-77.3_amd64.deb
  Size/MD5:   131230 d73416650296039e0d59d2a2b75f2d8e
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-rendition_6.8.2-77.3_amd64.deb
  Size/MD5:    90240 5af0c68193b4349fbcd239ec482ed2ab
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3_6.8.2-77.3_amd64.deb
  Size/MD5:    91726 cb82c871f03ffb6e968bea210a6af75d
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3virge_6.8.2-77.3_amd64.deb
  Size/MD5:   104188 eb7e8e83da3cf9b4e7c65ed24b92a2e0
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-savage_6.8.2-77.3_amd64.deb
  Size/MD5:   107776 31c8cc09a6a9241c91d2c03975287842
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-siliconmotion_6.8.2-77.3_amd64.deb
  Size/MD5:   105300 e06379b5530410c398c23d24e4a2682d
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sis_6.8.2-77.3_amd64.deb
  Size/MD5:   340896 0114deb2e7cea78860e08ada6fc9d3d9
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tdfx_6.8.2-77.3_amd64.deb
  Size/MD5:    99038 bd5c774e186120d851799de0d060ef3f
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tga_6.8.2-77.3_amd64.deb
  Size/MD5:    88846 e611135fac9da5e514defd35fadd8025
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-trident_6.8.2-77.3_amd64.deb
  Size/MD5:   132244 aab798cb57d644b327fe6a7bb5c51637
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tseng_6.8.2-77.3_amd64.deb
  Size/MD5:    96404 3ee874ea69eefd45491d6ca56830f307
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-v4l_6.8.2-77.3_amd64.deb
  Size/MD5:    73392 6d5439acff5d2098ca6741cfb8ef6a00
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vesa_6.8.2-77.3_amd64.deb
  Size/MD5:    77434 6e8e03907c375a01588e05d5e1b18b23
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vga_6.8.2-77.3_amd64.deb
  Size/MD5:    75352 b12939451111e63dd0917362e42ec4cf
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-acecad_6.8.2-77.3_amd64.deb
  Size/MD5:    70676 730768c822fa4c806bab0459866971aa
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-aiptek_6.8.2-77.3_amd64.deb
  Size/MD5:    80550 184a471135082d501936061092fb607f
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-calcomp_6.8.2-77.3_amd64.deb
  Size/MD5:    70248 656d22076f2b45ded25f4d2f08d8801a
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-citron_6.8.2-77.3_amd64.deb
  Size/MD5:    90044 676d14ebebf88b4e12114b08b169003c
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-digitaledge_6.8.2-77.3_amd64.deb
  Size/MD5:    71032 fd5b286d4122018630fe6afec181edb6
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dmc_6.8.2-77.3_amd64.deb
  Size/MD5:    70166 f1c622c52ee792548953adce5f372a2d
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dynapro_6.8.2-77.3_amd64.deb
  Size/MD5:    69772 099498b9bb81379b15f5c24741a2befc
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-elographics_6.8.2-77.3_amd64.deb
  Size/MD5:    73234 3410e093a87090fcf4ca0134c7f00ab3
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-fpit_6.8.2-77.3_amd64.deb
  Size/MD5:    70778 b37384a5c58b046fef89f487ff49f5a0
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-hyperpen_6.8.2-77.3_amd64.deb
  Size/MD5:    72940 b873ef7a14637241aacfbce9951b60da
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-kbd_6.8.2-77.3_amd64.deb
  Size/MD5:    74632 79a5026db158fb123ff54af1e35d501d
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-magellan_6.8.2-77.3_amd64.deb
  Size/MD5:    69366 8f0c8b39e5f88d657a8c038aae1305eb
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-microtouch_6.8.2-77.3_amd64.deb
  Size/MD5:    72022 0dd20d44c7f77c47c3dd3f7a3353b894
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mouse_6.8.2-77.3_amd64.deb
  Size/MD5:    98390 2c172d033b5252846ceeee40990d0a16
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mutouch_6.8.2-77.3_amd64.deb
  Size/MD5:    73580 3d3b88bf32deff96a074b58a30a0cbee
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-palmax_6.8.2-77.3_amd64.deb
  Size/MD5:    71608 db4f436ea8ad1ecf12698014afca127f
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-penmount_6.8.2-77.3_amd64.deb
  Size/MD5:    70346 ca124fdfda754fcd9a91adb46d62a84e
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-spaceorb_6.8.2-77.3_amd64.deb
  Size/MD5:    69124 ac4fa56df52b175d81769cc20caf3777
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-summa_6.8.2-77.3_amd64.deb
  Size/MD5:    72888 c1279a890e388b9cdb7e8e79c6e6cafb
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-tek4957_6.8.2-77.3_amd64.deb
  Size/MD5:    70860 c17d207b3d04bd35ad5afa7ba56597e7
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-void_6.8.2-77.3_amd64.deb
  Size/MD5:    67680 77d2e92de46a38a197f62355e45a84ee
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-wacom_6.8.2-77.3_amd64.deb
  Size/MD5:   101040 b66ac048fc5858c86e9dc079c79f8b38
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg_6.8.2-77.3_amd64.deb
  Size/MD5:   274146 40e3014ce80f6be8852fa043105bab70
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xvfb_6.8.2-77.3_amd64.deb
  Size/MD5:  1640494 bf0c8235665a11c099cd227ad2b3a60b

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.3_i386.deb
  Size/MD5:    52860 8f9822785a4d4feeb120b7ef6d874709
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.3_i386.deb
  Size/MD5:   686404 46b3001cdee7cd73141461033f8f4482
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.3_i386.udeb
  Size/MD5:   209260 17f5df161bde9954b46051ef2e989159
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.3_i386.deb
  Size/MD5:   361112 e8d31f9d89c442a5834144b374b49a54
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_0.99.0+cvs.20050909-1.3_i386.deb
  Size/MD5:   275968 4d5e4d8c032a149c09033a3f4d078faa
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_0.99.0+cvs.20050909-1.3_i386.deb
  Size/MD5:   321688 f7e708a09b31924830357d10ad2fec40
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_0.99.0+cvs.20050909-1.3_i386.deb
  Size/MD5:   217758 a18b74fa709fa38ba055e8e4b820a09c
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-core_6.8.2-77.3_i386.deb
  Size/MD5:    65750 86dfe78dfa09f1d7a52d646fb10401cf
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-dev_6.8.2-77.3_i386.deb
  Size/MD5:    65778 5dbe48fb74851b2c6e85cd143560884a
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdmx_6.8.2-77.3_i386.deb
  Size/MD5:   880068 69e876557cbb97c0b51a2574f2ab4a2a
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-dev_6.8.2-77.3_i386.deb
  Size/MD5:   111442 5fb72b1e75b0a6e8a528940045233288
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-pic_6.8.2-77.3_i386.deb
  Size/MD5:   107366 88bf57b6009f6e5e1b74543933d90952
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xnest_6.8.2-77.3_i386.deb
  Size/MD5:  1282444 a1616fca7bbd45734eeac5dbadd4ddca
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-common_6.8.2-77.3_i386.deb
  Size/MD5:   122984 46402235fcb4c943f421d0081767c228
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-core_6.8.2-77.3_i386.deb
  Size/MD5:  3393114 cf2287d566a90325bdf5d37d0d772c9f
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-dbg_6.8.2-77.3_i386.deb
  Size/MD5: 21046384 e74d9ad7ebea1118a0991b54de50b21b
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-apm_6.8.2-77.3_i386.deb
  Size/MD5:   122974 a2d63f1a30e2e8778d3737d334224e44
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ark_6.8.2-77.3_i386.deb
  Size/MD5:    72406 c79fce80a122bcb69cb8aa2840027183
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ati_6.8.2-77.3_i386.deb
  Size/MD5:   300354 be69393fd4c49073fc291d4382682af6
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-chips_6.8.2-77.3_i386.deb
  Size/MD5:   147054 13477206d327d76ed6cc6760081b6a0d
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cirrus_6.8.2-77.3_i386.deb
  Size/MD5:    94812 6dbbfc2081ce19bd705e65a76c370b18
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cyrix_6.8.2-77.3_i386.deb
  Size/MD5:    79216 96e108be36d7e96d1d7c61c55d2eada5
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-dummy_6.8.2-77.3_i386.deb
  Size/MD5:    69808 919b659eacec53b4612e0fac956adca7
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-fbdev_6.8.2-77.3_i386.deb
  Size/MD5:    73250 78bb84280077b3aba53beded9161a244
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glide_6.8.2-77.3_i386.deb
  Size/MD5:    74914 040afc6608d22fee2eae20ba8b0e840b
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glint_6.8.2-77.3_i386.deb
  Size/MD5:   159892 2780f991c85e2be15dda1635f8c98b11
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i128_6.8.2-77.3_i386.deb
  Size/MD5:    87476 f4505c09091c8d4e49b3bbb345340e2e
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i740_6.8.2-77.3_i386.deb
  Size/MD5:    86544 d08ed7ba7921a6341be43b1b597c7c01
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i810_6.8.2-77.3_i386.deb
  Size/MD5:   158570 b6a1db2cde816a16be29d2aeb627ebee
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-imstt_6.8.2-77.3_i386.deb
  Size/MD5:    73262 07d1fa25882621bad5be61b318fd3a66
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-mga_6.8.2-77.3_i386.deb
  Size/MD5:   143748 8868549c96ba8150954a69cbf3730801
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-neomagic_6.8.2-77.3_i386.deb
  Size/MD5:    95818 b3b86c3fdce299e35aba1f8189fe5005
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-newport_6.8.2-77.3_i386.deb
  Size/MD5:    74236 e55cf778b3b0f1d43604722bdd8689b2
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nsc_6.8.2-77.3_i386.deb
  Size/MD5:   160514 2ececee8091f44f6dd61de03d9ddf77e
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nv_6.8.2-77.3_i386.deb
  Size/MD5:   123050 8e43b21c9dce1af5e5b88f24b8239952
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-rendition_6.8.2-77.3_i386.deb
  Size/MD5:    87578 52ec26ae5b375ef892d6a86f180577db
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3_6.8.2-77.3_i386.deb
  Size/MD5:    88736 1538d94d86c0603bde8c1f8504121c8f
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3virge_6.8.2-77.3_i386.deb
  Size/MD5:   100086 c31e59302ae59a2b4eeb015050922b41
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-savage_6.8.2-77.3_i386.deb
  Size/MD5:   102452 f1eec9b8382457b89406d69b526ad11e
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-siliconmotion_6.8.2-77.3_i386.deb
  Size/MD5:   102018 fe04cd8d4a6e461491add407142d3ff8
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sis_6.8.2-77.3_i386.deb
  Size/MD5:   320680 c7a5363feaea7213a73835fb53a023dd
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tdfx_6.8.2-77.3_i386.deb
  Size/MD5:    94190 4b8e7c65cc416de4a6d4691250776493
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tga_6.8.2-77.3_i386.deb
  Size/MD5:    86104 94013a70b7734e0f4205e723093f71a0
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-trident_6.8.2-77.3_i386.deb
  Size/MD5:   125852 2352b91c3e6f9de7f5e5d63efdb22c82
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tseng_6.8.2-77.3_i386.deb
  Size/MD5:    93760 809003f68c722bd4cfae1a197fc5f652
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-v4l_6.8.2-77.3_i386.deb
  Size/MD5:    72098 5651248f206d8b9987370ebbd24531ab
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vesa_6.8.2-77.3_i386.deb
  Size/MD5:    75834 e41fa0b5de64e33a4c38c15f947cbb37
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vga_6.8.2-77.3_i386.deb
  Size/MD5:    74320 9f80f3d04c9ffd9f5a505847a7fbbc4e
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-via_6.8.2-77.3_i386.deb
  Size/MD5:   138682 7e1c4877500e1dca3a735dd2f33d3193
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vmware_6.8.2-77.3_i386.deb
  Size/MD5:    81378 ea3a2925ac33d30af17a184c1160ab34
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-acecad_6.8.2-77.3_i386.deb
  Size/MD5:    70188 dbba5b087d2dd682d7df359c6ecf7aaa
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-aiptek_6.8.2-77.3_i386.deb
  Size/MD5:    79394 52f292de69593f4126072df958002b5d
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-calcomp_6.8.2-77.3_i386.deb
  Size/MD5:    69716 edd13af3e98d5f70248479424f7597c2
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-citron_6.8.2-77.3_i386.deb
  Size/MD5:    87794 c6c08212db44d8cf26e0884a04c2d9b9
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-digitaledge_6.8.2-77.3_i386.deb
  Size/MD5:    70516 a91e7e0beab053a8ff753050c2f15b35
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dmc_6.8.2-77.3_i386.deb
  Size/MD5:    69564 618499e29d79c7bc8f11ffa925c09b75
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dynapro_6.8.2-77.3_i386.deb
  Size/MD5:    69266 f457352b4675b27b7d40337cbe0a2695
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-elographics_6.8.2-77.3_i386.deb
  Size/MD5:    71954 153e6af112f360033a37aeb4670c14cc
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-fpit_6.8.2-77.3_i386.deb
  Size/MD5:    70338 c01097e2eb0a2a3abc95a3dfa0247327
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-hyperpen_6.8.2-77.3_i386.deb
  Size/MD5:    71888 2f84d4568562561ef3498c9791ccab7f
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-kbd_6.8.2-77.3_i386.deb
  Size/MD5:    73402 7e0ab015ba49f103afb96c7211ce5755
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-magellan_6.8.2-77.3_i386.deb
  Size/MD5:    68822 4f17e665de66a9940ff3c6722fb08198
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-microtouch_6.8.2-77.3_i386.deb
  Size/MD5:    71282 ac55322bb00e6c33b1f764e47a2896e2
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mouse_6.8.2-77.3_i386.deb
  Size/MD5:    96556 c3fce835be42eb0c31d03056fac32376
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mutouch_6.8.2-77.3_i386.deb
  Size/MD5:    72546 05232e76ad9b9dc93d3db86c423d1b7c
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-palmax_6.8.2-77.3_i386.deb
  Size/MD5:    71022 4fd42ec380a437249a026bedc2e44cfe
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-penmount_6.8.2-77.3_i386.deb
  Size/MD5:    69748 7f95915c766d8f5486b6ee4af5f824ca
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-spaceorb_6.8.2-77.3_i386.deb
  Size/MD5:    68636 6e64a58144fd2364f5a27cacadc668a4
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-summa_6.8.2-77.3_i386.deb
  Size/MD5:    71956 f9a757c36bec95a75413995401d7fec8
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-tek4957_6.8.2-77.3_i386.deb
  Size/MD5:    70302 2ec147acfc14c068896185d2dd01887a
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-void_6.8.2-77.3_i386.deb
  Size/MD5:    67446 ca456ab89714cb807ab26dfa676578b2
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-wacom_6.8.2-77.3_i386.deb
  Size/MD5:    96986 2799f489d096d23cc91037d7705f7abd
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg_6.8.2-77.3_i386.deb
  Size/MD5:   274176 ea1d2fc5b60b7754d47ada4cbbe7a612
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xvfb_6.8.2-77.3_i386.deb
  Size/MD5:  1383664 7fca88ca86e1d9545c0a5a7ed877f2cf

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.3_powerpc.deb
  Size/MD5:    80654 12c06589e94a6d6da139a27d5bd48b4c
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.3_powerpc.deb
  Size/MD5:   729308 9c85d5592d0f162884bc52bc82e09457
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.3_powerpc.udeb
  Size/MD5:   230642 65a12121f60f8096bea04955e30ae42a
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.3_powerpc.deb
  Size/MD5:   382478 7b1ac5f12fdba3482ad3251c3c24bef3
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_0.99.0+cvs.20050909-1.3_powerpc.deb
  Size/MD5:   286022 d37d7708a0341cd63c1390fb0ff387a9
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_0.99.0+cvs.20050909-1.3_powerpc.deb
  Size/MD5:   373114 ed63b7e61d8a65f90cd8c3599d0c96a6
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_0.99.0+cvs.20050909-1.3_powerpc.deb
  Size/MD5:   237726 289174b8732579cc6b38f50f6398525e
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-core_6.8.2-77.3_powerpc.deb
  Size/MD5:    65746 c5de437f4027dec1acb8640bf14c4ccf
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-dev_6.8.2-77.3_powerpc.deb
  Size/MD5:    65774 9d5e6b227f9799035e83f10ffa1f4cbe
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdmx_6.8.2-77.3_powerpc.deb
  Size/MD5:  1006498 218159bdb9b8b250ef184881db5364e6
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-dev_6.8.2-77.3_powerpc.deb
  Size/MD5:   114636 384d4379cf21cc360da3f74252dc6e48
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-pic_6.8.2-77.3_powerpc.deb
  Size/MD5:   110580 054183b9a9c8a86fefac3017592eeb3f
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xnest_6.8.2-77.3_powerpc.deb
  Size/MD5:  1477044 d49494dfeb3fbb06cc60ac2397b104b4
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-common_6.8.2-77.3_powerpc.deb
  Size/MD5:   123370 5084044b08a994ade1e05ca769fbfeab
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-core_6.8.2-77.3_powerpc.deb
  Size/MD5:  4153716 d136a45467ed83aa7c9be079d38bbea1
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-dbg_6.8.2-77.3_powerpc.deb
  Size/MD5: 17841844 cc6a10b4f49e0a3dc197f4b4a25be310
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ati_6.8.2-77.3_powerpc.deb
  Size/MD5:   316180 8da85e525823bd09bc3648d5f642baad
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-chips_6.8.2-77.3_powerpc.deb
  Size/MD5:   158800 f6957aec1dfb811624d4223b3b8792c3
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-fbdev_6.8.2-77.3_powerpc.deb
  Size/MD5:    74910 886ebb1cc261a13774fb37442f67b04b
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glint_6.8.2-77.3_powerpc.deb
  Size/MD5:   177164 4df697145e0bc9e405269f370c098ad3
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-imstt_6.8.2-77.3_powerpc.deb
  Size/MD5:    74766 af48765f0b61b699ef013e7fb91d0563
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-mga_6.8.2-77.3_powerpc.deb
  Size/MD5:   154718 49e8c9067f4196f735100fdb88abf241
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nv_6.8.2-77.3_powerpc.deb
  Size/MD5:   133938 1f37af997b732cce638c2f442ac32c27
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3_6.8.2-77.3_powerpc.deb
  Size/MD5:    98722 fd531207bb51ee7557839113134c03de
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3virge_6.8.2-77.3_powerpc.deb
  Size/MD5:   107536 eb327385a5f0410f9a1180d7c6808903
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-savage_6.8.2-77.3_powerpc.deb
  Size/MD5:   110162 a70cd8531c61382bcc07b92a34202bed
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sis_6.8.2-77.3_powerpc.deb
  Size/MD5:   368234 fde514af99dfabf48ab685c95a95249b
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tdfx_6.8.2-77.3_powerpc.deb
  Size/MD5:   100614 d6dabc2023c08f6379f0fb98d3c076b3
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-trident_6.8.2-77.3_powerpc.deb
  Size/MD5:   142422 42f616549b5dac01f66403b64d5c5e5c
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-v4l_6.8.2-77.3_powerpc.deb
  Size/MD5:    74212 d6d45dde725417a9a4b014c65a41cb12
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vga_6.8.2-77.3_powerpc.deb
  Size/MD5:    76358 450f581f1d862d20f67f0054ea46cc66
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-acecad_6.8.2-77.3_powerpc.deb
  Size/MD5:    70846 9b2d0fa88f4fa0edacffdef2ee62901a
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-aiptek_6.8.2-77.3_powerpc.deb
  Size/MD5:    82626 b4af3fee8db47771e9325f634119c6b4
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-calcomp_6.8.2-77.3_powerpc.deb
  Size/MD5:    70766 2f945c77af13fed6788bdabc71c312ce
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-citron_6.8.2-77.3_powerpc.deb
  Size/MD5:    93244 e8dee7a2b70acb94d51c7cd1c1e97b9c
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-digitaledge_6.8.2-77.3_powerpc.deb
  Size/MD5:    71734 e73893cfe3b9d5b693569c2382905cf1
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dmc_6.8.2-77.3_powerpc.deb
  Size/MD5:    70374 7082960291a9bb88d003eeeb4285358b
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dynapro_6.8.2-77.3_powerpc.deb
  Size/MD5:    69938 d7113c27bbd386c14ff9a2b712c51342
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-elographics_6.8.2-77.3_powerpc.deb
  Size/MD5:    74028 4bd41187c68fa51fb0adced0ccaad0ac
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-fpit_6.8.2-77.3_powerpc.deb
  Size/MD5:    70956 a0f37dfd435cba240a1d3a35f27841aa
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-hyperpen_6.8.2-77.3_powerpc.deb
  Size/MD5:    74336 41cacbfcdc99b42b0264d82a7578a8ec
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-kbd_6.8.2-77.3_powerpc.deb
  Size/MD5:    74960 52611ed1fc10530d4ab44fd16577bce1
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-magellan_6.8.2-77.3_powerpc.deb
  Size/MD5:    69550 22c49ab9f187bdca55a0fbb83857ce25
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-microtouch_6.8.2-77.3_powerpc.deb
  Size/MD5:    72498 44c3195bdcf64c2c5cf8504f6089e619
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mouse_6.8.2-77.3_powerpc.deb
  Size/MD5:    99586 ac9781c897e4dc052af9c9c80a4853db
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mutouch_6.8.2-77.3_powerpc.deb
  Size/MD5:    74312 6d10ae854f4e4a3c5f137950e307db5f
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-palmax_6.8.2-77.3_powerpc.deb
  Size/MD5:    71850 80b3b7bd7b567be9d5dd896e8613ec16
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-penmount_6.8.2-77.3_powerpc.deb
  Size/MD5:    70548 37d1b7c034b9f792608d3e6dd2a867d1
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-spaceorb_6.8.2-77.3_powerpc.deb
  Size/MD5:    69216 7ee83181573ac45a56f2a4fb044a5e6f
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-summa_6.8.2-77.3_powerpc.deb
  Size/MD5:    74222 a0f33d1df407af5b5a6c51a5882a9e60
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-tek4957_6.8.2-77.3_powerpc.deb
  Size/MD5:    71126 9140e6af3e6ad35bd68a5f5968399b0b
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-void_6.8.2-77.3_powerpc.deb
  Size/MD5:    67622 d3f49e28e34a285865f8870b3eeb8aae
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-wacom_6.8.2-77.3_powerpc.deb
  Size/MD5:   106738 88fbfbd6e6ad9f5336552ec2e50ec9a1
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg_6.8.2-77.3_powerpc.deb
  Size/MD5:   274024 93076262a05833b4807e98699103d946
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xvfb_6.8.2-77.3_powerpc.deb
  Size/MD5:  1590104 e71d49333a98a285fe438d08e48ca2e9

sparc architecture (Sun SPARC/UltraSPARC)

http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.3_sparc.deb
  Size/MD5:    68646 bd18602999ade0786089cf0c117a8340
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.3_sparc.deb
  Size/MD5:   699952 0697ae616e5f96afe661a7a121eaf8ee
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.3_sparc.udeb
  Size/MD5:   216454 7d29da7d817ac7ff1c6d7914630493ad
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.3_sparc.deb
  Size/MD5:   367276 9024cd052d0210a8bacdaff20589b06c
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_0.99.0+cvs.20050909-1.3_sparc.deb
  Size/MD5:   294964 b666356962ef9506da0b76efd05c9908
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_0.99.0+cvs.20050909-1.3_sparc.deb
  Size/MD5:   324238 7dfef6defc80be665990fcbdd0e08e2e
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_0.99.0+cvs.20050909-1.3_sparc.deb
  Size/MD5:   232476 dd914e38e4765a07e0980dd6ad5907b8
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-core_6.8.2-77.3_sparc.deb
  Size/MD5:    65744 69da99ffdd8daf0a439b098b2e284b32
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-dev_6.8.2-77.3_sparc.deb
  Size/MD5:    65772 de0733e94929d4379e05d3c88a13a285
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdmx_6.8.2-77.3_sparc.deb
  Size/MD5:   920880 2d70ca5f3de16d1192b1c05d99e21d93
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-dev_6.8.2-77.3_sparc.deb
  Size/MD5:   112780 bf763538fea32c5f73f85ab86438014b
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-pic_6.8.2-77.3_sparc.deb
  Size/MD5:   108622 99531cb07cdffc17daf11727bc7e11bf
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xnest_6.8.2-77.3_sparc.deb
  Size/MD5:  1357838 e4491783b6a9e3d45d19a1ffa086bc81
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-common_6.8.2-77.3_sparc.deb
  Size/MD5:   123326 32c21b631ab344dd58d27bf7a62c605b
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-core_6.8.2-77.3_sparc.deb
  Size/MD5:  3746340 8e6087848c828cfc5d72cde99b21242b
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-dbg_6.8.2-77.3_sparc.deb
  Size/MD5: 19778476 767707fd2df5e224381a33fa872cf19a
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-apm_6.8.2-77.3_sparc.deb
  Size/MD5:   124424 081cfba509d6784ba22518521c18aa79
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ark_6.8.2-77.3_sparc.deb
  Size/MD5:    73344 ca0e2f22257a9911dbbe7c9c0f479d57
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ati_6.8.2-77.3_sparc.deb
  Size/MD5:   302440 861d677e1de334391174481377f437cf
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-chips_6.8.2-77.3_sparc.deb
  Size/MD5:   152068 643d54a96746678c36f17c3ffd3ab91c
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cirrus_6.8.2-77.3_sparc.deb
  Size/MD5:    99108 b1a219d38a08ec0a3ca4cecba79a2784
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-dummy_6.8.2-77.3_sparc.deb
  Size/MD5:    70306 2b541fd5e4f10f05266800b2f977f120
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-fbdev_6.8.2-77.3_sparc.deb
  Size/MD5:    74052 448582ffd40305e797cf2815c6f9c1a0
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glint_6.8.2-77.3_sparc.deb
  Size/MD5:   174824 44a2ace41f17b1f0da1c3ff7199de0f0
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i128_6.8.2-77.3_sparc.deb
  Size/MD5:    90378 e8c95b12f1882e1f9294cb9821dff299
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i740_6.8.2-77.3_sparc.deb
  Size/MD5:    88784 7069730f8ea7530b607c0ecdedabe693
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-imstt_6.8.2-77.3_sparc.deb
  Size/MD5:    74196 a67897463a21167d281a29fab9414ecf
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-mga_6.8.2-77.3_sparc.deb
  Size/MD5:   151636 442a736cb4530a699e4ea844e01763a0
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-neomagic_6.8.2-77.3_sparc.deb
  Size/MD5:    98780 9b374f040468ddfa4c8559c63e4598e1
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-newport_6.8.2-77.3_sparc.deb
  Size/MD5:    75054 e41f20599375cef562d50cfd5ea91f22
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nv_6.8.2-77.3_sparc.deb
  Size/MD5:   130164 7d81597fa246853896dee123c93a3443
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-rendition_6.8.2-77.3_sparc.deb
  Size/MD5:    89382 0c4f8f40654fdd09e520145ca2e886bd
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3virge_6.8.2-77.3_sparc.deb
  Size/MD5:   105294 1f6862c1c719219da1b965623774def5
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-savage_6.8.2-77.3_sparc.deb
  Size/MD5:   107562 634a4e99cee1f7ed5a96fa6d1e5053aa
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-siliconmotion_6.8.2-77.3_sparc.deb
  Size/MD5:   106838 ca4bcbbcbb250fc4374477ef17dd5dbd
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sunbw2_6.8.2-77.3_sparc.deb
  Size/MD5:    68678 95aa8f3f675f84b9b445fd5a85c75952
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-suncg14_6.8.2-77.3_sparc.deb
  Size/MD5:    69252 2d87f35b35295d29bdd76a8172351ac2
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-suncg3_6.8.2-77.3_sparc.deb
  Size/MD5:    68734 8809dd6543372feddd2a5886f6976776
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-suncg6_6.8.2-77.3_sparc.deb
  Size/MD5:    69728 1b59fdb3a45e0a569445b34d064d0633
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sunffb_6.8.2-77.3_sparc.deb
  Size/MD5:   127670 0b38955174a4ed44bd4578c87da66684
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sunleo_6.8.2-77.3_sparc.deb
  Size/MD5:    81660 117464ff17f748d0c95aa59f89abf250
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-suntcx_6.8.2-77.3_sparc.deb
  Size/MD5:    70446 e69222c475300674077226d927e4a156
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tdfx_6.8.2-77.3_sparc.deb
  Size/MD5:    99410 33d1cafe6bf0edca99ba9392966d6ab7
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tga_6.8.2-77.3_sparc.deb
  Size/MD5:    87728 726ce3e0143dafcd495e3de4a40cf8c0
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-trident_6.8.2-77.3_sparc.deb
  Size/MD5:   131950 e98574be1b719debd2c4542b199cdfcc
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-v4l_6.8.2-77.3_sparc.deb
  Size/MD5:    73412 b1d2672fcf4c22e883e9b93ddfe70e1a
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vesa_6.8.2-77.3_sparc.deb
  Size/MD5:    76710 1254832b3fa89d4cf901bce0bb79c6ba
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vga_6.8.2-77.3_sparc.deb
  Size/MD5:    75206 36b39c918f6061dd11711972d2025110
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vmware_6.8.2-77.3_sparc.deb
  Size/MD5:    82618 c65b2958ebcc66702c6db1a24aee3813
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-acecad_6.8.2-77.3_sparc.deb
  Size/MD5:    70412 26c69d8e78229e07af1aa8176594728d
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-aiptek_6.8.2-77.3_sparc.deb
  Size/MD5:    80920 710cf56fd1e938d25cd1b0ad6a524a08
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-calcomp_6.8.2-77.3_sparc.deb
  Size/MD5:    70316 83f3d61a2bed0574b25b2b0afb808ff6
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-citron_6.8.2-77.3_sparc.deb
  Size/MD5:    91828 01867c3013e5a645d22cd97dc2068e1c
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-digitaledge_6.8.2-77.3_sparc.deb
  Size/MD5:    71154 447987785afddd40f58871ed82d1d8c7
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dmc_6.8.2-77.3_sparc.deb
  Size/MD5:    69880 df7253bb410088887e963b4ec185a761
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dynapro_6.8.2-77.3_sparc.deb
  Size/MD5:    69582 772f0ae3564c523c6f010b9e54b9dbe6
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-elographics_6.8.2-77.3_sparc.deb
  Size/MD5:    73168 0a6bc07c0a89ed382852a9f22212882f
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-fpit_6.8.2-77.3_sparc.deb
  Size/MD5:    70622 a647189fd612aad8b9d57ee1d8d29da4
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-hyperpen_6.8.2-77.3_sparc.deb
  Size/MD5:    73350 e5ca5c4d5c85b8b58a2d966c9cc122a5
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-kbd_6.8.2-77.3_sparc.deb
  Size/MD5:    74194 2d9b7ab568db94f2fdfbf9208c51f269
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-magellan_6.8.2-77.3_sparc.deb
  Size/MD5:    69170 bd51f60f99bea164a1655bf99d81080d
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-microtouch_6.8.2-77.3_sparc.deb
  Size/MD5:    71910 f439b8d1778d01df70f869e04d0f916a
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mouse_6.8.2-77.3_sparc.deb
  Size/MD5:    97820 daa144c86465f941bad248f7f2011095
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mutouch_6.8.2-77.3_sparc.deb
  Size/MD5:    73544 67eead253f6f73a4c95cff9ee3fe5e45
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-palmax_6.8.2-77.3_sparc.deb
  Size/MD5:    71470 462bf1db6bf06a3541c048e978f619e1
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-penmount_6.8.2-77.3_sparc.deb
  Size/MD5:    70044 56d63787661918acfa11b4c2edf1b363
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-spaceorb_6.8.2-77.3_sparc.deb
  Size/MD5:    68896 407a96555ef0aca1c0f862756985bcc4
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-summa_6.8.2-77.3_sparc.deb
  Size/MD5:    73208 c124d986e5ede6f22d2e6e4468ef44da
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-tek4957_6.8.2-77.3_sparc.deb
  Size/MD5:    70788 139b257d986d1d81abc5df96ff6c07ac
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-void_6.8.2-77.3_sparc.deb
  Size/MD5:    67526 da4b3fa6d2ea2cd03ff074fae1f99e11
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-wacom_6.8.2-77.3_sparc.deb
  Size/MD5:   102200 d20486be0bd003c871362662945890ce
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg_6.8.2-77.3_sparc.deb
  Size/MD5:   274186 2936a9182f8fe998082ea1b094cb4d84
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xvfb_6.8.2-77.3_sparc.deb
  Size/MD5:  1463574 ed56597df856cf23c99ea94b0df46132

Updated packages for Ubuntu 6.06 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10-1ubuntu2.3.diff.gz
  Size/MD5:    59540 862bd1b35276a1f6295ab86afbb0c585
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10-1ubuntu2.3.dsc
  Size/MD5:      710 e45aa32ea5d21cea1443eef299963ab6
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10.orig.tar.gz
  Size/MD5:  1323617 adf145ce51196ad1b3054d5fb032efe6
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.0.0-0ubuntu3.3.diff.gz
  Size/MD5:     7292 53e0bf4639f85be2596ea73128f9786f
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.0.0-0ubuntu3.3.dsc
  Size/MD5:      743 fb5f2db984b7aa11cc61b95c08908f4e
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.0.0.orig.tar.gz
  Size/MD5:   816966 29c00c678d4ac9bea8ffe7ba264825d0
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.0.2-0ubuntu10.6.diff.gz
  Size/MD5:    31362 fb578e86128d4cefd37470d2b1b7a800
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.0.2-0ubuntu10.6.dsc
  Size/MD5:     1804 b8fa2ff2adefb6457a217c145f0a99ee
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.0.2.orig.tar.gz
  Size/MD5:  7966941 f44f0f07136791ed7a4028bd0dd5eae3

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.3_amd64.deb
  Size/MD5:   133862 9849bf94a3c83769fee1c8c40cc5a195
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.3_amd64.deb
  Size/MD5:   717494 0b0587f17aa8338d68f00f4f6de40cf8
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.3_amd64.udeb
  Size/MD5:   251748 ea23cce32b15ed7b944ceea15a7c28c4
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.3_amd64.deb
  Size/MD5:   439876 f4511db24d690e234e2c6157f6f0d86d
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.0.0-0ubuntu3.3_amd64.deb
  Size/MD5:   302752 cdb9b9f31fc890e1f81b6b84e62e6743
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.0.0-0ubuntu3.3_amd64.deb
  Size/MD5:   375884 261b8c8db1350e1729a58bf14455f0d2
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.0.0-0ubuntu3.3_amd64.deb
  Size/MD5:   242806 0d259ee4f74d911e61e8d6c1c3fd45a9
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.0.2-0ubuntu10.6_amd64.deb
  Size/MD5:    49900 6cd998c1385119c61c656454fcafdc57
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.0.2-0ubuntu10.6_amd64.deb
  Size/MD5:   848976 1de01ffe87bc9aad344ceebf57136501
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.0.2-0ubuntu10.6_amd64.deb
  Size/MD5:  1414328 fcd5128c61ea7c91f5dd0fdd67eb04fd
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.0.2-0ubuntu10.6_amd64.deb
  Size/MD5:  4048070 8a20c1e88020a82b1831541874ce7c48
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.0.2-0ubuntu10.6_amd64.deb
  Size/MD5:   294524 6b2619e3fbfc72356dc7afa6ee3afa0e
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.0.2-0ubuntu10.6_amd64.deb
  Size/MD5:  1564542 9ba68a1f137e86d212d7eb264008f4cd

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.3_i386.deb
  Size/MD5:   117358 a678e7f1914fdc53c66bc12b2563c104
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.3_i386.deb
  Size/MD5:   677468 1245a799d53d0326992d1fa22bad875b
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.3_i386.udeb
  Size/MD5:   227264 9c15e03342736754f33977e838c6d801
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.3_i386.deb
  Size/MD5:   415384 7ae6d5bbe1a4bde544290a80a3e3dc3f
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.0.0-0ubuntu3.3_i386.deb
  Size/MD5:   279004 3551439419ec533ee6e13b4ddad9879f
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.0.0-0ubuntu3.3_i386.deb
  Size/MD5:   320798 e118c7ba341674944cd61dce7dd45266
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.0.0-0ubuntu3.3_i386.deb
  Size/MD5:   216576 9357f5af25709f7e2c5627960a1c965c
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.0.2-0ubuntu10.6_i386.deb
  Size/MD5:    42444 13fe0025f651e11decf5072e9ba7c88e
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.0.2-0ubuntu10.6_i386.deb
  Size/MD5:   748738 8c8fb9a5513045b418ffc3c37337aaa9
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.0.2-0ubuntu10.6_i386.deb
  Size/MD5:  1241568 96276d9b49ce87040e0d355de948d7af
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.0.2-0ubuntu10.6_i386.deb
  Size/MD5:  3531364 addce36a358f8e1566118b490517d0d1
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.0.2-0ubuntu10.6_i386.deb
  Size/MD5:   294542 401c8007c96f3468eee908422fe384d5
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.0.2-0ubuntu10.6_i386.deb
  Size/MD5:  1382554 bfdc3acaba7eae4bfa8f09466c1a14f1

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.3_powerpc.deb
  Size/MD5:   134248 3f73867444b6902b21ece5e88bda5736
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.3_powerpc.deb
  Size/MD5:   708456 fd230d35b21882e8f33a733571589eb3
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.3_powerpc.udeb
  Size/MD5:   241444 985d65e2f522108b58cbb7101a1c4e93
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.3_powerpc.deb
  Size/MD5:   429892 e96a4115854d6b32907a3249bda2a0b4
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.0.0-0ubuntu3.3_powerpc.deb
  Size/MD5:   290970 714aaa371169f80396afd1d5d0bc082a
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.0.0-0ubuntu3.3_powerpc.deb
  Size/MD5:   369962 cda66f3b003f5faeabe2225356ff414c
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.0.0-0ubuntu3.3_powerpc.deb
  Size/MD5:   235378 3086125be0dd5bb2480f31d4a21b46c6
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.0.2-0ubuntu10.6_powerpc.deb
  Size/MD5:    55158 3d6a6b1cf5be95e00a48e5523d641d29
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.0.2-0ubuntu10.6_powerpc.deb
  Size/MD5:   825340 a5329d0d2322ebb0c2d102a47635216f
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.0.2-0ubuntu10.6_powerpc.deb
  Size/MD5:  1368184 0e1b6171168a996773c760b8b875648e
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.0.2-0ubuntu10.6_powerpc.deb
  Size/MD5:  4076112 3668d14302e64241292219b67e1f9659
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.0.2-0ubuntu10.6_powerpc.deb
  Size/MD5:   294538 5ef1c38d239ef6e6ac65d852d96c1665
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.0.2-0ubuntu10.6_powerpc.deb
  Size/MD5:  1506656 fc1885b7b5f482fe734f5d081b072b51

sparc architecture (Sun SPARC/UltraSPARC)

http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.3_sparc.deb
  Size/MD5:   120076 f0524701f9defa5d49f80b333dba9161
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.3_sparc.deb
  Size/MD5:   683560 22024047655d0a6e26c484d1d231be3c
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.3_sparc.udeb
  Size/MD5:   222408 4a26ce30531b338bc5ce9e16bfcda691
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.3_sparc.deb
  Size/MD5:   410888 897071c782c16c0e3000a9c4586e184f
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.0.0-0ubuntu3.3_sparc.deb
  Size/MD5:   297866 0775567bab801a064f92e79c0939886c
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.0.0-0ubuntu3.3_sparc.deb
  Size/MD5:   321246 8e57f2843bf6cb39a8cbde389c740872
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.0.0-0ubuntu3.3_sparc.deb
  Size/MD5:   229820 c0e50a0ea242052b971dbd43f4144d6f
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.0.2-0ubuntu10.6_sparc.deb
  Size/MD5:    43880 705741e8b4a3cd9b591da2a1b85db401
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.0.2-0ubuntu10.6_sparc.deb
  Size/MD5:   758608 92ca7b1ee8f4509a4222c1dae58cb288
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.0.2-0ubuntu10.6_sparc.deb
  Size/MD5:  1313218 208167a5f9f5d074bf1f162da5377664
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.0.2-0ubuntu10.6_sparc.deb
  Size/MD5:  3789064 d7127a902bc8951e03e70baece970b34
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.0.2-0ubuntu10.6_sparc.deb
  Size/MD5:   294998 c2d3c3b6673c8c8f70d23db3712c134b
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.0.2-0ubuntu10.6_sparc.deb
  Size/MD5:  1445764 a1efd9aa2fa04d62f69771887a5d557f

Updated packages for Ubuntu 6.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.2.1-5ubuntu0.1.diff.gz
  Size/MD5:    32265 c95bae22cdf8aff7dd045ffd19b84acb
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.2.1-5ubuntu0.1.dsc
  Size/MD5:      804 3c64a49cc8029e44361ec5b5dbac0a96
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.2.1.orig.tar.gz
  Size/MD5:  1451392 a584e84d617c6e7919b4aef9b5106cf4
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.2.0-0ubuntu3.1.diff.gz
  Size/MD5:    21080 14f360ae2e6a5c3a535ba34244f513c9
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.2.0-0ubuntu3.1.dsc
  Size/MD5:      923 df21beb2608cc68aa140d315041d9795
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.2.0.orig.tar.gz
  Size/MD5:   827186 b4cb7808df5804efeb457043fed13782
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.1.1-0ubuntu12.2.diff.gz
  Size/MD5:    92001 cbe621e817e97c8a67ee7465bf3fa266
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.1.1-0ubuntu12.2.dsc
  Size/MD5:     2020 e4b095a246fd0a52f314ce371b3e0cb6
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.1.1.orig.tar.gz
  Size/MD5:  8388609 15852049050e49f380f953d8715500b9

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.2.1-5ubuntu0.1_amd64.deb
  Size/MD5:   150940 92d6b1c0aa652e6e8f013ae4048f4062
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.2.1-5ubuntu0.1_amd64.deb
  Size/MD5:   668960 0e5ff244ad6488cd3eb801b3768b7eda
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.2.1-5ubuntu0.1_amd64.udeb
  Size/MD5:   248264 4328e1df8f13a92086bc6dc0c43add50
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.2.1-5ubuntu0.1_amd64.deb
  Size/MD5:   353738 c41d6ae077ca5f31a25cc0f58cbd93c9
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.2.0-0ubuntu3.1_amd64.deb
  Size/MD5:   305140 eaa2799e4a889de2924c16629750c749
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.2.0-0ubuntu3.1_amd64.deb
  Size/MD5:   354690 d06520d61f32e74f26764e6dbc1c14c4
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.2.0-0ubuntu3.1_amd64.deb
  Size/MD5:   242998 5e24330de281bfc1bd33341abb57d967
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.1.1-0ubuntu12.2_amd64.deb
  Size/MD5:    57434 5edf610ecbdd99e59f118959ca0eb414
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.1.1-0ubuntu12.2_amd64.deb
  Size/MD5:   813654 4da55af97b7c83f85c557df79f66c0c2
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.1.1-0ubuntu12.2_amd64.deb
  Size/MD5:  1427180 efafeb1045b436463419496481cfdc78
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xserver-xephyr_1.1.1-0ubuntu12.2_amd64.deb
  Size/MD5:  1608506 39e8887d0c3b1d4b4059a990ccacc07b
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.1.1-0ubuntu12.2_amd64.deb
  Size/MD5:  3917424 d69cc89a0777f800d5e74e3a8041fd93
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.1.1-0ubuntu12.2_amd64.deb
  Size/MD5:   297442 b41410b7b585f2960827f912241891bc
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.1.1-0ubuntu12.2_amd64.deb
  Size/MD5:  1579394 facb0f2f9c2722e4d07af7dea9f838e5

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.2.1-5ubuntu0.1_i386.deb
  Size/MD5:   134026 6a3c9319eba74a20e6f5c0e3457a2e97
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.2.1-5ubuntu0.1_i386.deb
  Size/MD5:   640492 bb5ed3196a9e9fb626c17d96f40b3b2e
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.2.1-5ubuntu0.1_i386.udeb
  Size/MD5:   235400 cde67a8b74de363b4d3e1abe0f41e781
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.2.1-5ubuntu0.1_i386.deb
  Size/MD5:   341274 5aee6b86c26c312e17acf68808b737cc
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.2.0-0ubuntu3.1_i386.deb
  Size/MD5:   291958 2344c15719ade83c6e125e29e4b86c23
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.2.0-0ubuntu3.1_i386.deb
  Size/MD5:   336952 fe81984c7c8cf4a8ca6a0f44998bc0eb
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.2.0-0ubuntu3.1_i386.deb
  Size/MD5:   226028 5456ac2131d824a096d1e979cecfcea4
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.1.1-0ubuntu12.2_i386.deb
  Size/MD5:    50646 23cd4f9ca5689117c09c43ebdcfea49e
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.1.1-0ubuntu12.2_i386.deb
  Size/MD5:   751476 f3769d8fb8508eca644db0c8d9530a08
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.1.1-0ubuntu12.2_i386.deb
  Size/MD5:  1327210 73b1fa3c9d0e365f029962cb4e920b8e
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xserver-xephyr_1.1.1-0ubuntu12.2_i386.deb
  Size/MD5:  1498720 e7e629d60198742c9040687d9c02d108
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.1.1-0ubuntu12.2_i386.deb
  Size/MD5:  3563454 7f18073d92ab9a8a5fbb096b483598b5
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.1.1-0ubuntu12.2_i386.deb
  Size/MD5:   297484 7d506b6a3fee567e20a2a5e7aa6c2bc7
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.1.1-0ubuntu12.2_i386.deb
  Size/MD5:  1475138 fffb6ddb7a71160b492de7c8987cfc9b

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.2.1-5ubuntu0.1_powerpc.deb
  Size/MD5:   148582 24a4dc3fcd4e9ed1cc439178926016b4
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.2.1-5ubuntu0.1_powerpc.deb
  Size/MD5:   663380 d84c7eab9c0a1678485b5c10c99e227d
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.2.1-5ubuntu0.1_powerpc.udeb
  Size/MD5:   241628 bff6e436dc7884091e9a159425fb3345
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.2.1-5ubuntu0.1_powerpc.deb
  Size/MD5:   346870 8da887f46827f7a148b9d5573d6cb526
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.2.0-0ubuntu3.1_powerpc.deb
  Size/MD5:   295948 e373a2fb962bbd917ed1475707925379
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.2.0-0ubuntu3.1_powerpc.deb
  Size/MD5:   353796 9ad2219e7d15c1e5267c922f5d518954
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.2.0-0ubuntu3.1_powerpc.deb
  Size/MD5:   237280 a187dc106461ded50a6cafe3b7e5442d
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.1.1-0ubuntu12.2_powerpc.deb
  Size/MD5:    63432 d611ac901c34e99a1cfc77956c6f42c4
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.1.1-0ubuntu12.2_powerpc.deb
  Size/MD5:   797454 d0208072254a9e1e6041b12f660a7cf0
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.1.1-0ubuntu12.2_powerpc.deb
  Size/MD5:  1401888 9af060d4e15bcbc8bd55ec3b77f8f733
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xserver-xephyr_1.1.1-0ubuntu12.2_powerpc.deb
  Size/MD5:  1565976 22e88a95a1d3dc23299f782df124578e
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.1.1-0ubuntu12.2_powerpc.deb
  Size/MD5:  3983002 3345dba424bb25e0862b66acda8747d8
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.1.1-0ubuntu12.2_powerpc.deb
  Size/MD5:   297498 55dd5abe4abf1c7ef441c85dc070e68a
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.1.1-0ubuntu12.2_powerpc.deb
  Size/MD5:  1541334 474f69d831b778c5825ae02d340556e2

sparc architecture (Sun SPARC/UltraSPARC)

http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.2.1-5ubuntu0.1_sparc.deb
  Size/MD5:   131806 c3d342df6c666a6ff77ad70c7c729297
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.2.1-5ubuntu0.1_sparc.deb
  Size/MD5:   635934 2ba5cf3a10353ed63a2b08a5ebd038ff
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.2.1-5ubuntu0.1_sparc.udeb
  Size/MD5:   220156 4f9315e0d159b61aed69ae09c8282b82
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.2.1-5ubuntu0.1_sparc.deb
  Size/MD5:   325494 95813d719f39a3b86f6b44cda4519a83
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.2.0-0ubuntu3.1_sparc.deb
  Size/MD5:   304582 8bca3c95b9e5f10d08357fb32ffa690c
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.2.0-0ubuntu3.1_sparc.deb
  Size/MD5:   321526 1765ba83a127b01ed81632785688a0b0
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.2.0-0ubuntu3.1_sparc.deb
  Size/MD5:   234114 fd5c8e1b70051aeae6d189037043c23e
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.1.1-0ubuntu12.2_sparc.deb
  Size/MD5:    50314 9fdc77ad9a5448d3b92c3b05fcfc4ac1
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.1.1-0ubuntu12.2_sparc.deb
  Size/MD5:   733754 8d5052a6cb973b478b57efcf9535020b
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.1.1-0ubuntu12.2_sparc.deb
  Size/MD5:  1344340 10ad7e4b138b14102ab3a396fa31255f
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xserver-xephyr_1.1.1-0ubuntu12.2_sparc.deb
  Size/MD5:  1500142 801229631c468c808bc3570a02f36436
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.1.1-0ubuntu12.2_sparc.deb
  Size/MD5:  3695516 c037048a7c2971f1c064e1644083a738
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.1.1-0ubuntu12.2_sparc.deb
  Size/MD5:   297856 45e8359cdae581b6ab4d5ad683a4ba89
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.1.1-0ubuntu12.2_sparc.deb
  Size/MD5:  1477724 8d6c6d871e63e6009ab6f9be3b10300f

. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


Debian Security Advisory DSA 1294-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff May 17th, 2007 http://www.debian.org/security/faq


Package : xfree86 Vulnerability : several Problem-Type : local Debian-specific: no CVE ID : CVE-2007-1003 CVE-2007-1351 CVE-2007-1352 CVE-2007-1667

Several vulnerabilities have been discovered in the X Window System, which may lead to privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2007-1003

Sean Larsson discovered an integer overflow in the XC-MISC extension,
which might lead to denial of service or local privilege escalation.

CVE-2007-1351

Greg MacManus discovered an integer overflow in the font handling,
which might lead to denial of service or local privilege escalation.

CVE-2007-1352

Greg MacManus discovered an integer overflow in the font handling,
which might lead to denial of service or local privilege escalation. 
This update introduces tighter sanity checking of input passed to
XCreateImage(). To cope with this an updated rdesktop package is
delivered along with this security update. Another application
reported to break is the proprietary Opera browser, which isn't
part of Debian. The vendor has released updated packages, though.

For the old stable distribution (sarge) these problems have been fixed in version 4.3.0.dfsg.1-14sarge4. This update lacks builds for the Sparc architecture, due to problems on the build host. Packages will be released once this problem has been resolved.

The stable distribution (etch) isn't affected by these problems, as the vulnerabilities have already been fixed during the Etch preparation freeze phase.

We recommend that you upgrade your XFree86 packages.

Upgrade Instructions


wget url will fetch the file for you dpkg -i file.deb will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update will update the internal database apt-get upgrade will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge


Source archives:

http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1-14sarge4.dsc
  Size/MD5 checksum:     2642 189d0d7d0b7dbbf26755923b438e5e4c
http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1-14sarge4.diff.gz
  Size/MD5 checksum:  3644476 e3ae500a08998d20996e1b386253e1cc
http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1.orig.tar.gz
  Size/MD5 checksum: 59123696 8e6990288c8f1a1d1e03f7c36d7185ee
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1.dsc
  Size/MD5 checksum:      623 95239010d328848d69bbcd59df29ee1b
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1.diff.gz
  Size/MD5 checksum:    10664 ac732ace18f41e829a3c38730934fbc4
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0.orig.tar.gz
  Size/MD5 checksum:   202531 542cb9d9b4dd1ecaf3ed4ff753fea7b8

Architecture independent components:

http://security.debian.org/pool/updates/main/x/xfree86/pm-dev_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:   159434 d8aede0aaa9682ba7997447110d31ca5
http://security.debian.org/pool/updates/main/x/xfree86/x-dev_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:   216476 5401b81557f7953a5e476127544a94f6
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:   158730 8f841f4bc6efc65cc48e468163170116
http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi-transcoded_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:  8195040 c3c684a6c8a3a10f280ce25a6523fa50
http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:  4363090 0a9af1fd8109decea7c5e2bc9342a1c7
http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi-transcoded_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:  7073122 b42b7454c680f94cf4d912d6e263c679
http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:  3840910 eba04ef15ba7280352b8731e2705726b
http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base-transcoded_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:  1203680 546bafab0ffec15de52f51983bcf2c07
http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:  5490622 7d4613aadcadb86fc4242363784818ba
http://security.debian.org/pool/updates/main/x/xfree86/xfonts-cyrillic_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:   541216 16dbec56de243edf187e52c650532e91
http://security.debian.org/pool/updates/main/x/xfree86/xfonts-scalable_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:   901006 adf45fe9c5d1d84f912d2a9b789a1b8b
http://security.debian.org/pool/updates/main/x/xfree86/xfree86-common_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:   815600 154c4731c74c14685319ffd2e5535f79
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:   158582 5ec2b681939a466c832c7b91a6c71589
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:   158596 2a90dc555891313b58b5b0d11e33b8c8
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-data_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:   907066 a82eb5f3920df1c3e4c42c212efb78a7
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:   158648 bed92016a1cedd08e985becce0aadec1
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:   158646 e55d85a5a7d6687cbf802575038344d0
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:   158554 96ba78abf30b4e2d087f2797625589cc
http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:   426718 64389fde8c4cb693fef2a5953fb2b109
http://security.debian.org/pool/updates/main/x/xfree86/xspecs_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:  5835466 28f15b50daff3453e208642777c1c311

Alpha architecture:

http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   284996 92f0024fab7a481cd4e34dc024f457aa
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   441170 70ec1d5a6b3bf7a36863360747e6cdb4
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   313428 2b07fef9a8355e4d43947a1a63aff81e
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   822188 fd73dfdda3bc273ce185908a3720c45a
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   230570 9ab3ab85a12236d862e78b0f0f87dea7
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   209934 e15bfecad9eab9fb197772520d21067a
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   295454 33ccdd1fc0dc73ccc66a45c0ae8a290d
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   184480 3fe3048544b48f0926dbf6f4d163dd0e
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   184848 b5c69e554bcdce7e1baecdb8a1cb5c9c
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   209954 49853ed0ce0dc522e9f43d77ed807137
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   816088 94c427b0abe62c425b2bcdf372c792c8
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  9804934 4623cd96de525311a862c2e1fad78344
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  1576092 8e18e092949d8bd0f9e5ffb9d7f447e9
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   317732 e2f03ac371b2cbb1a2b84dae43959f3c
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   934034 af848a96c5dabdb756549d66f16f5ad5
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   522864 fe5ee0cf23f25f8e625a1428f90e39d2
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   382736 5fb1194cbf510977519c2f99903f3e8d
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  1100610 6dcc0fc3c214c8a37ef8180a8d0f4fd4
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   522770 ff4f2ad7f5a1fa456abc16994685c6b6
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   265026 facae3a81139d2ce5a0bd21cd665e2ca
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   196480 7cf0508ef339715f25f1ce5707de2584
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   522270 1c140d44feaf9074fe7209933917d36a
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   195706 6b44c3f7c5020cc71d3122fdb43380e9
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   481102 f3cba0d63e52a2af0e63b1b052453089
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   240792 5025ff049d9f7deb22e11a300094187b
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   186222 7c8e6177656e754587aaa42e8083059e
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  1182630 e2738f6b53b5aa55169fc829aa2f3c4a
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   244840 76fed36704d9ca23cc4a91c321490b34
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   219782 bb1280080a6db83d8a97510c70dfa588
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   680140 9e24b96bf063fc9ce13f22fc457a50b9
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   164774 a41d399a9f2d550f1ffc8b1095c4417d
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   172674 13676ac5abfe9594642adc4c054014ac
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   210192 79cdcc5df1939ea1126859397db7fc57
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   187902 dd499bdc63f54559b3e7978c58067a7c
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   182996 ae344d4a81325bb7de8b95ccf977d6cd
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   576046 a1f7ab50d292c9682de56abdc1539e1a
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   212166 54359c662494bb8f9798eb530b05c39d
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   204384 89026d497d9ef72ba5c8cedb005ae99a
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   253810 07d21c94db5f5261077163a7fef92363
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   173260 621062aa574e5a4470cb2d59d58d4364
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   172984 a53a8fbeb82124fcf1ac73b47246e654
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   203096 9fd958db6e8f017b01e9471e56225e67
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   713138 5ac37e4a6928ae1d6214c1ea683cf532
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   361134 4e469b9b10ef878a3a631b58e3b828d7
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  1587114 914c6b4c39ed31c2fbee379e2d0ba25b
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   191798 af942f90192c1b423de6ff15552fe7ac
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   184318 461e3515c225271484349872db566ecf
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   411934 25f0ad51173c5b1a91c657f1218a79ca
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   176406 8c0975faeee6e39952cf1a8ae7983ac2
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   177950 991487364f13ea794c44c3aff02a8342
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   241462 716284f0af443ef15e5a3a2c1753baa2
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   193636 8eb36dcc7cb99f393fbdc8fa315a0cb9
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   174330 9f2e68247409abd7359cccd02ea2ed9a
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   206192 155c096549ecebf30bd0b6de96266cac
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   184952 c60abc527075ecb5c2effb72411506b0
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   289606 9cdbb7e62dc88b2688febd15e62092dc
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   158684 ca7c7c54102b761de517ef8c7ff9f76b
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   158738 e9e98a97d36c517bbff6f7451e8da8d0
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  2376330 27c274f345160933475691031385b692
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   327180 32ee0206f299daf84c440520238fffdb
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   600554 6994f0009df1a92aeba7a11a6a72f4e9
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   184230 7667cbb1c995ba9e2216d51342e67f06
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  4558712 5f077e532f6aef7c0d16f55d37b37a87
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum: 33948052 58f1da513a5c267c6597efc19466b130
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   351116 5184250018192b80b4d09e24ae0f96fc
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  1339534 abc46934dea4b20c63e577f6974ca8f7
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   816672 9031709350853f211428feb2802354da
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   393160 6322d814900e1eda70a70e08aded0051
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  1150632 ce6676e1d7b13f8a28d95ee787e19fd2
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   537396 958d4ec3a45f1bc1effa47a358368472
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   158482 d5382eb6f50ba085a7cf15e352e85910
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  1007052 601156a062591921fa46a3212a868ac8
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   811486 8b324588f46711216a44ece926bdcc2d
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  4640908 2688e37b3f3ad30257e74afd5ee95310
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  1114488 77e08891ea808d8869350f8329852d43
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   490082 8d3580ee576dc319be0ce3681706c9a9
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   246932 61777c7301c1d3ddc00e8acdc3c0bb2f
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  2088768 28613cf2d2f1bc5c0c12c22e68e9878c
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   331698 39f4331d0c561f6e5aff79af12be34d7
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  6595862 5cdcc2dd8744fd0cc46d27de86c66665
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum: 45036960 2969cb0a57378f06b4519b2cd839478d
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   550006 eca34c5b462dcce8dd12e7da120d5159
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  1033800 744333bde498149283ae7d7af7d7f460
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  2271050 c10ec9d6fefb6b5d1f6d429024e1e833
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_alpha.deb
  Size/MD5 checksum:   148190 50852b7df4448215e4d3ec188f9ca24e

AMD64 architecture:

http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   262298 1ce19c8bd9baef60202cd3a97ef520dc
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   367224 848b9949b6ff456b4543ff3579edba4c
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   299272 3491bfc3583d440511b0bd8687d9843f
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   798094 3cda9b3a44c3445a418567f2c19007eb
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   209850 58c642bc21913976fed73c4611e63120
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   205372 1c7e44bf812e2d336f13103253c45545
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   288966 0fd8fdd5b67911693c9ff03f589e3e1d
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   178436 cdaebc2f0a0bab775d04cd8f603a1b0c
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   183446 7fcd4b47cc4e44983b8103e202faebcb
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   207798 37d7f9a57604895952f6cd07712be13a
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   749416 36e10229fd2ed52bfc595c8b708fdb71
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:  9651358 c0b4dd4d11d8ac6ebe249338b3ce1d74
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:  1421668 0f0093d5081ad93c1154d9e4cae3ce2d
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   295162 c0161225e5f92dd930b8c2f582acc80c
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   903762 f48cf6f781708a7eb7b309cd823b2877
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   440728 5c9d6a694d0bd09f6be2f32c97eac671
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   350892 67fcc3ec3099427d4767c6e4427a9391
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:  1044460 00f7bed4c6bf4bfe2228495826e6f4ed
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   440628 701b3a51c651e67b7e2c18e11e30458d
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   251400 ef31c9173b291ac5d78348a840674f79
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   191154 36f3fe9c393cb0ce2dcf5730b0107613
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   512612 3dee7413902951b2a7dd383bae5f0d69
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   192936 b64eb7b1d740d0b107215b291184d7cd
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   476486 92c4f49830414e0dc0341a7ab9efee24
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   233066 4a1a67f6d6bbf17baa360d4fe3d2de6f
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   180474 4f4e2522cb226dfa17d5ba9b0d40e926
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:  1168298 32785a1d0229c721785082055b4fe145
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   226012 7199fab356a9c6381c0a1119bfe52e98
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   212288 6c78ac6ec10145825238b283d4a8ad62
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   662854 45c8aa47be60747fdebe6c34845b707e
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   163456 85bd979736e1119dbe5c73d420d83013
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   172100 4f4301a328b952ef0566b8d7c43b1c40
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   208938 0ddf06170b98d7f0f0d7dd8932bb1867
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   181560 4cf60ff4d472ca7ddac86633e4acfeec
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   180494 45e08ffa571b1b67b08a0d5c2d75e285
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   569452 3569f24efe2174038b829d5d05f1dc82
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   197926 85b5527de1a09c351b03f4018a64b406
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   197300 065147ca72c7a3364f450c8c781fab26
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   247486 9c213618f78a041491f76de00c2577a7
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   171968 c7e9e49de0cb61453be5ffc2aa94e74d
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   172104 4ead3bfa45d1ca8957e5e10c1de03653
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   201308 bb9e5c557e50a45930b680b8f6468806
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   644166 a10f0657d008a8f086b07eed9706b041
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   346064 7ebef79c15df3c822cfc57ab443ee315
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:  1552102 7ba29d766762336706712893e21f8fbf
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   187202 1a1c28f352c671bc5437e52158c058f1
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   182508 e8edde7b41222fcb15b5c68a148a805b
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   413140 e55e37fe1e0224a6d225e88fbafc9607
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   171912 e4d12ec69ebb49ad62d987505704f967
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   175416 5c6da5160e9441d30e0869817ef15509
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   237626 4655e7033b095f39dec9884ae45aa832
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   191668 b091ea03ff5acbf27f0e0b7a74bdf929
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   173528 0350d13430157d5c86819cf928ff29ab
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   204446 f7ebe443d878728a3637ab346c311a63
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   183666 4d2b4de0f1e4a77261b90d25eb770613
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   277370 a8420df28b4d294f7bec2e104cd44279
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   158794 f8a1514fdca77984512353d0b5d1f420
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   158848 2a03cd93698571c4a13512ca990a8db2
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:  2083786 97d1d4ebd6a452a2ff83928bedbb31d6
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   318224 59a6e966e6e49595101e733479eea356
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   516518 2124d855e582ef5e2012daab5a8a600a
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   182408 7ce0f38da0445d6a68b41542f655ac43
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:  4202892 fdef8312cf8f94710eb818f21f3bd52c
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum: 38018732 a168452b292cf7ec130e13c2930e6ddf
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   333556 d64d8c6d1bb0e5f979a38b5538f5762c
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:  1316908 f8accdf7495d3f03842f03d4c4f069bd
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   735302 e548bb1b381140f6a5133c491178df6d
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   368324 730509f902394ab4534bc213ee093a71
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:  1122710 7dad7f9fd6f9910d73c9df4ecaa16c6c
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   460486 339cb1301a8dcc4bca57539c4a7d9c24
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   158598 457cb5b6103df84a88c06f618cfdb9ab
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   789176 422bc34409184b39cb3f224954e2a50a
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   686604 393409c039840d0b0757d82f843e3ade
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:  4489970 b8e7dcf3952f41fb2812905ffc561f7d
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   889632 e0b5d43013c6bc904f40026dd3c06712
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   400280 4e16b740df809e4ca7a02b971a251d4c
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   236366 3c314ad0880bcee610a3e37f634b744e
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:  1620482 f703f2c8e36bdf4cc943b3abe563421a
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   337152 a8751e299ee2bc2fe354fd82bc4a01f3
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:  5695770 e1de32c84f307dffe6c64100b38525ce
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:  6039138 6e451f23e2b38b6c4f9fe1b9d65a62be
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   521528 9e2ad4fda8330b388f5efb0cb59c4d5d
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   962224 0380eefc014116e02bcea08a187d3bb6
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:  1763954 d099a99b9f35f7c2a92fba27851f1c41
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_amd64.deb
  Size/MD5 checksum:   103960 e10dc9a0c018be14c3941d097e61a263

ARM architecture:

http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   254506 c4bfe2b890b7f1aa92a6ea50c8fda17d
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   353848 d83d9bea399500268bda162ee4d4d7f9
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   274282 b6b25b1e771e3a003c3ffd2665dfaf7c
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   778514 1aaba6276196c2965031048943a106de
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   208310 93bed067f155c25a867a36f228b280be
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   200248 b8a08cb43eed69036fa08f885785df01
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   285400 94e59aa1305da66cd82e7cd736b4eec9
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   177720 fe578cfb4393d969205552b9904f0eb8
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   180490 45723695fe5e39496c503a4716f47cec
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   204986 6b5f5c883b10d0df4e36da876684519b
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   708938 c7a004360821b10f119b823925f7b4d0
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:  9661608 ad3f42ed447f33881c2a85dfa26c3ed8
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:  1411312 8aaa1222ce69df4f196e85fad581bbdb
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   283694 8bacc834c0bc7f647db4b730fde8601b
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   894954 0e6d96ba308fe7899384736e3028406a
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   437716 9142fbf29b65c4df6f6cdc31a02609fc
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   335288 e375c507a70b653c95f5df809651e349
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:  1029416 7fd74f1c7842bf34e75ffd4d1748a920
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   437618 a5fdf7dc60012ab80d091d6b86aa7921
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   254630 654f145f734a4ec8dac276b77b8c5c0e
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   188842 ca9cbf1890dcd8be553056e006fb9188
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   511660 0cbc8f25a45a380fcd7024a3182ca035
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   189158 28074b2cac5f6d2567a07838adf5ddd9
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   471094 6e7bb9a3985f5d78d5923b889c46c82c
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   233430 995db9bfc5b8db3e1af233263d63c237
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   179462 93ecb7bd10f52380b29ca88a18cd3855
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:  1172306 6510aa4bc254dc1aaf4a718d6ade928d
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   223670 a845d16a971ce1cf0bf4a62224a9fbda
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   208072 908593679b7fc7e8da53b8c034fcb3c1
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   664842 71c12addab4acafb4564f181cd57eff7
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   163218 04f22173f8dbf2330514507150dfda2a
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   171618 fe9c60b4d8ce2b6496bb9d922e54ddfc
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   208674 83f13a1c2d164a7298878766f2d735c7
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   181310 c95d79bfb7fd207f4d90622d3d8c3071
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   178266 5001d9e620dd228aadff0f7dab2dd942
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   567858 97d087ed756b6c6fcda1a66be9da8095
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   198280 462db4041e1ca77b658bdd6ca22808d9
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   194454 2e989bd9bf07a72a21a313bd7fbf9d46
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   243848 b676a5b4b52aad00cae35996a99293f3
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   172170 11b217f5e995f7beb31c047545c33abb
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   171718 7f71e6890619d9415c78dae14019866a
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   201068 766750858aabd3e4ca693ed92c7da7fd
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   645466 0f2f37d4f76e79aee71893595c289886
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   327336 aad47d15f3b07d709e3bfca61f90f695
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:  1539196 220a5d415800dcbc9aa05928b95babea
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   185942 8a041e7c63ea5a48eeb87329af17931e
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   179524 490fdd28d4098f64fa080ca98124a150
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   413616 ed79f35c87fa43b63c5fa5a5bce10aa8
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   173084 3a3b10c302b21e328d5c77c92a11d53c
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   174796 22382068183a2f25fbb2630862fe6c03
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   237432 2f9c7d966572c7c508bf1f4eb951eb18
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   192874 8a02b3523c09a5d20c25e2499c271ed0
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   172932 58f6c0989bccdf51646f6cc85a7ad3a1
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   204124 719091e4ca99073d68a83abc356dbac8
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   181896 0281298f86d1734968f570ec266055c8
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   274086 32b425d803d2876474d59fd6095c18c9
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   158788 9340b0647c7e0509f201b6030ba32e50
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   158834 c3b39287a06ec827f29ff2961a6e5f1d
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:  1940412 a0311cf7769b8009f316dac534be27aa
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   309434 4c18c2e9b31637ffa4638dcd15c5e33c
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   500544 5b1adae68f8062db2b18595d791659ea
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   181030 02052edad72f025589d2267cf0c778c3
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   280888 3e2f8ee82d0cf25240bd591c81fe53d7
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:  1191474 c4abbbb972e895d75ee0ced411ba18fd
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   725146 fc5318a01d187d4b727c24ace68a241f
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   352390 46290e6b3b8fe147aa8d1c2fe1481f36
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:  1098268 b79588bea1a524686b627b9eafcdadf2
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   459654 1f6ae7b019a5a824ae17df9a80a85b52
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   158588 5467c615528a5d4a9cfe3e76afef1464
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   908824 ec265f126c7d0b2cef91918bee54e051
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   409248 4224dfa3119d8d231192700e5eabfa2d
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   226552 3e82b73d832d529c1a6b7e64ba98dfe5
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:  1558376 af2dd08ca667f05a447d7d0ffc8b667b
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   336698 0482b56c7f71d5f044692dc3e70b51c2
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:  5528280 3f47b74fbca3d0793b94d6c02ffbc6f2
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum: 43853336 8c79f42c0a5affa81581acdf66261171
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   508736 68adff865be90604a977176c9cf2684c
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   906628 cc7ffda09bf14ea886d48f3c9a6710be
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:  1699656 d34c6bb37c3c5f0eb4b5bf822aa36b0f
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_arm.deb
  Size/MD5 checksum:   106868 7e645dba8d76959991e9c624caf76eeb

HP Precision architecture:

http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   264792 9424d7e1d21fb19a7bf3c31fd59c41a2
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   372312 c91f48c32b473e0e162b6b1ca0806459
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   306544 734eb14d0c2db80d2600986840e6ffa5
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   813736 c84b6a4e597102ba4775f472f9aae439
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   212434 bbcd96bb00f58417f32ea4329953233c
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   206934 c765a54d65f4f7eff593c622c7a66835
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   290350 d6934062e7680076fa5204fb542919c8
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   178552 2491a6cf3329a1b3e75050c93e422cfe
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   183590 b6c26839f416745c82e35497730867c8
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   207650 4de6cde4c6cbede4b5d22666ad941122
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   780302 6c521d1bdf4177266123eeebb59db7e0
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:  9906326 bec9e8186d854168c96292f0cbcc2f30
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:  1443564 6f7cbc5293caba59f7d76eba36ae3b85
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   307060 1f3d61dc3d9552f1671b9850bb8b68ec
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   926814 2df67d8e37eea2f3982099958c7f58d5
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   454834 0691f5a5e1241f1dab1896d38b30521e
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   367534 5858d24a08a0ae6a2a5584cd3e24ec34
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:  1070688 889919869c53bbb0a4fa32f4f81643a9
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   454720 471004c0aac198ea9fc5c38d1fc092eb
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   253758 b424edc08b899316821c70525795ac44
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   194058 2f7cdc4e84eaf340a7d1cbc3399e49bd
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   524662 c41b8e84537da3673e6deb03a6b00ddf
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   193438 8fa5c65cfc8e6d0fea7b698d071138f9
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   482956 265fe13bcce21d770a6c6d597954f0ea
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   233902 fb2f7de98c3f5b1e7430c535e54e7ddf
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   182062 6dd46f3db2fa404bb522b135db426d96
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:  1202862 16284f5703bf36c82023c3f9d35835c3
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   230482 69af864210b495ecdf205cc503ab95a5
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   216180 b9cb762a3288b979cda8cba6469cdb33
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   684228 cedf92752aa08f4ce65fbfe96d2e3702
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   164026 7f6e983d2bb07ba429c0a224574301b7
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   172904 983a70b6e4b52541e6bb8b54ecd469bd
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   210406 0d9c427d666629366d9d9a69fe498632
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   182556 5b44f2ffb038758a013d0d86be46f736
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   181626 e8d9d3e7ef2d9e4fd32d845df42b436d
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   577962 75302d045e4147243434844eef3ab539
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   201518 6d1b92e93e4e3f9e1c180124280e3703
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   201996 db76f8d685d31e642f624dddf865a8d2
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   250654 256d02fb05d69adbf774cd9db296ce85
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   172394 51fda3af7874e80bda0336b767b8ecfa
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   172682 819c2b22b4a4d4f4e69e4c571a58683d
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   202344 e6d067d3255b9c23fff4fc7f51c2608c
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   665382 db08734e96056212e56d6f45c72b7b46
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   358688 dda0a4e43071aa9fa663fae4acfeada8
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:  1569924 db27d054597116e63330d43b060f80e0
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   187684 657c19f170c386aeccfcbe896de0f381
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   182544 d628379cff2189fa57ca6276585752f4
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   410980 e0d6fb0dcceea37d3bfd820392f7bc61
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   172844 8d041b5c14691c937dc5d97fff283c7f
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   176412 0f976b467fda140f96bc4d571cd1693d
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   239352 f6be64ed56faa4dfc2e0fb5e0989b83c
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   192220 9a02c09b3c16ab073ac3c4bf46b7a212
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   174108 cd9a6247282ed00294bab503e4c81dc8
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   205572 57303e5edfc3a91f074cf354b1c4ada4
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   183914 015d754d01788c8d4a1780ea27a1126b
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   279790 6c9e6d652a415222746a6c2a4146249e
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   158792 0a19e673ef1b669c9bd3160fb3dc183a
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   158840 a8c4f30320308ba9ef0196b4dc2d60fd
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:  2117262 250a9d60ba2becb670327a9f78315610
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   317244 508110262fa2e49cf96cf9eb1ab6a0db
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   546534 892f8c24b7392fc642bf6c2486023ba1
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   183002 3a4d3f2e8bb6c62501962d6592d6be10
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   339374 059d5d64e82dc90a540a068b551d7258
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:  1261264 7c28a6385ec39831b777520533085a59
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   773180 d652cf318d2aaf08fb64c74fdc4c64d2
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   403704 cd9201d2131b1ae8bc3cf9096b067c78
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:  1175934 e3d0d49bec1b29acb9aad2cc3d38a378
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   497318 21469a1bb347d03ea83c0130bc4820ec
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   158592 20258fd573b5a6e0ec0526cd7dbe2a6a
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   956362 40bf15e3f897bbb8ee8955f25a520189
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   422808 392e0cc23412a356d67fc07aa51bd4d0
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   237592 743bf913ab9198295e3c045ecbf70a2b
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:  1803862 7aa09096087a983e7a16fd210e0c6901
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   337492 82807bc3b69b4efe86c0a3aea38b8527
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:  4100222 3ffb5b75498897f6a9a3aff0d05003d9
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum: 45021232 ad2022b9e1413e5ed610b5307faacc60
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   530248 979dad322b0b9e1619758cd8d5d72f07
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   977232 1b525f046ce3fa3d84ff0bbd1c72b0b3
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:  1969386 ac1a2134a3afc4b680a31526ad220c5e
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_hppa.deb
  Size/MD5 checksum:   115866 a101d8b69db97092f3e52541be1460fa

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   250230 3ad753c5bf9399dc00645876680e83be
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   342276 c1f9f7c6dcdd7153898727d128f58068
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   286150 81f15d2bc7f03b0a881d82565390f380
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   782768 c55920ea0f7d13e63d5061775f4943f0
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   205356 b56681e15102a887507bf3285732cb67
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   203514 4cd8e50adfffc863b0a3c0010dd5bf39
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   286264 f2f54740eb60bc96eb7b39817e4fcfae
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   176718 832a20eec2a4c8d198421514f47767c4
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   181274 4e7a1ce300e1787728ae9c43b49842a9
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   205378 7f8ebdef0d31e6169d9cfd6fc2cc44ed
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   725158 eb243b4a9e705f824e9b81ea9ce3f92a
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:  9600288 94eb5086f3528eecc740a6a5454dfafb
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:  1358436 c46f41b1b294751ddd81fa325bf574fb
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   285434 3ec944fb16f03ff2191815789b926885
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   890614 5ccab68e345e79b9a5f87c24613ef434
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   414284 8fb663257fc2aec2637fd15e4f95207a
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   338666 4ae310f5dd35bb1a5735c6a9937bc29d
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:  1025578 b67d080e9096b5488a9a67ffbc1b55db
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   414194 1398106e83b08b50a9c8bd86487858c2
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   246880 eec68ae5de683b31245a248ab7acd995
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   188456 bb2d50b4439ddb8fa6602c36893a7a70
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   507564 bc8514376d15899b530608ee6762e222
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   190786 de17e522a4a47b3c8594140b1c832042
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   469928 86e0dc5f50e01d92505ae4565665c457
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   231136 947c90d63fbb09a0435fa84a73800b18
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   179574 c040ea78299a4a77cbde6965487be65a
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:  1166540 eeda20ce5fd4f83c098fda0fdd663e6f
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   218400 5d475727a2de404128fdc25622d6a5c1
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   209834 fa5a4db6f1de17988bdfed4e64d66f66
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   660018 1a98de5deccf0642e85c5bbf44b158ec
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   163124 dfe3c393889e2ba0bf421164956903a2
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   171780 0e63f6fb0fc805769aafede4d6be14fa
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   208498 45c2ec6249fd478854d6b51a8ff64d03
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   179038 196d08ddd654b7095b810bf2704bb668
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   178710 935bbc6c8815b64fe9fa01cb39564c95
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   565340 d93c4e35f9a79c72f11cf5e61e6685fb
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   193686 1311a58096d095810db6de874403f144
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   195898 a8c4f1a3cca264a4de38384909ae0527
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   245344 3bb2b5834a63fa1f6ee7f6f73455b14a
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   171098 c7b8b83b09b599b65f41c2fb2df9e5f2
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   171542 9d8ba30823322ea55436910855236d40
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   200314 db2359a4dd12eff662f17d16eab080e8
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   614302 115e64adc6c74af37bacc0b4e54fadc2
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   329404 1e75dc920d8fd10a64dc014b05730b06
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:  1529654 18594c501817e10451893310347ad4e8
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   184890 132a6b1b5ab8f182ebeed781e053ebeb
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   180554 6f49732e209e38e6dd779252671b963d
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   410264 92c96bc12e1fe35ed18d5e863b71691b
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   169914 24a5fcdc4ebc93491a0f70ea2d5bc26b
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   174482 fba1ebdb9743a7973b5d3d5f943b1521
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   236504 0ba491e7dd63b06e116becef32a9dee8
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   190596 81973bd063623df482c4c9feb53bfe1e
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   172632 b4b5474d58ceb6869be524e7eedcde0c
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   203054 50753c3e0fee1e35bd290da7903eff5a
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   182762 b8bc97c636c1f886a306063ab2888a41
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   265068 d6ab5c744507fd1a9fe6a6828019d559
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   158806 0c80f911f973bb7337586d624a6c747e
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   158856 fc61c5e9ea820e7fd9e3510310245bad
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:  1941616 b050f50404e8d7bfd11296e4745fd3e3
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   309596 0f948324ca3602a56a9c6d6d7029b902
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   496946 04c400f07131f1fe396100ecd83847f6
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   180580 fc2e265ed3497fcf03781f0edb71b8c5
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:  5009168 582136777e3fbd1102fded416f9bf804
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum: 49495214 a9f69894995ccf02de16ff76c8496f77
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   283386 183aeab2a61618e245b585344cb1fd63
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:  1230896 aac25d99c5ff9aa3f3ca8c7bd78e57fe
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   705172 6de19e9b1c942c1c62d165029b0dfcd8
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   366064 1c48bae8d4491a4ff4b676736ab175ca
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:  1111016 9fc618a5c445ed61ea1099d44730d9a7
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   435082 17cc6e82fefac3ff0e0da0099fc261f4
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   158606 9c67005155a274bca06964f26be4da79
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   790330 984dc8f924bf799cd1a31cde08141708
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   662110 2b3d55d989a06edc35fd750b86258318
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:  4582490 83d96569620caf3995c115f0182b3b41
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   855012 86b0f0f3c687cce625e825698ba95298
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   384546 a8ec4021a27da614968f11b1f0d84c11
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   226984 e02156abd0bcdde44b2c4ba6027c0978
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:  1467016 dc5564cc3943f59450e050d240ac6d19
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   336854 591e181619783ff7003be7ed6b20529b
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:  5744114 4ce1994ca3f0aa2035622d5f730c7245
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum: 54929832 6ba49cd3398bab6a3b82d2eb7fac1afe
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   509408 3a68d04348d4c4b53640706b960cb227
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   912694 39f690caee0037461c210233ae9ea846
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:  1603624 a09b4b6b58ab30e3b0cff0df9cf3fdf7
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_i386.deb
  Size/MD5 checksum:    94980 1c57e38030bc1c7311695cef03d2b560

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   301856 2536934226628d0349840161c4239311
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   423574 661cdf850136cc83b7a2f188e53a4e2e
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   335342 ecc1597e1221d6752b87b9cbcadddfad
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   836740 1d1f928ad5a6075c7b8d26b479c037b1
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   229996 f96e4a0405bc4e66f93efaffadc4f2e8
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   220530 5509e9624abaeebfafa2238a8174552a
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   307000 ef2bcf7574ba2874133c9c89faacf474
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   183790 da2e6b761cfb3ef2da02967c0cc45b2f
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   187868 e4103966dc75c710d449c193d7b0c172
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   212436 b73882b850d9a14ac2676853b4e1365b
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   906316 a140bde98edf1894e6e35b655e617f5a
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  9887962 ced2fb3657c9406a8dc3888d0a9c720d
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  1606148 f68d2172e7981a2922dc4da5460a52f5
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   355430 d8bab5f8af5411b72bd4c99314b836fd
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   971308 98b9821f558fdc43c5b4dec4b50e82de
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   545418 0381b705666026787bf62d1b19a1d326
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   437162 b40b327b5b0224d4ea6284af48e0ab20
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  1155500 7487439f9ba76ae05c3037d3db271a97
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   545322 899c08785c157f10f657e7acb5ede406
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   264566 5278642e58fb8cb61ade54ae9ea00125
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   201316 aec4b6a598c0d37f9ee2a7c434560ca0
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   525084 ce9b348e4f455a0e236c8abbe88894cd
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   200834 9ab987825769ca0885bbefb655793bfc
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   484850 f43c52e902a788f0bc47dad4670dbc13
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   241416 a6c1ff2791d41b528d34a2a5b7e0cda1
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   188316 70ec23e87366fe5d62cc6237a34df58c
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  1184954 478f63c5a4364655aad8b35ff2b58d2d
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   247942 0d03221e400cdfa4dfa62437e859af33
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   230070 4e75172f67d529d5b4960586dffb2326
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   689792 832b63f9f3b4109df89426905c5ddcc9
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   164948 8183cb1e03648f3f6cf19544eef00abc
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   173644 d194b2aab4f22ed2016a21cfc6cb554b
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   210708 cfac0d9056615515ca8baba68d750c5e
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   186904 14761ff4b77ea55e8d5ea1bf838098b8
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   185238 d5f89d9c59ad7bf9a91bdbc7329dcf9b
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   577486 23dcc7933085f8c1ed9ca319bcfb8d5f
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   214096 6902cdbbc99c3d21d8e97d3b2d962d0b
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   211598 bb9345c62712925a2a31c681f80d8c78
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   261608 4ee5e1029fe9ab66213c57546ec099e1
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   174596 7fd5a663614670bce66dcb18686707fd
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   174482 3ae32e6fa2f05345221cdcf5222a0a76
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   204366 83a4a11374d28f11276a812af5a4f189
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   734512 83da9954a4e88ea281aac8e58cce0417
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   410848 fc544e2b161c9c796a97e702064c7814
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  1627622 3ad29ccc7e3aa3ff849cf5226a378662
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   192576 191f6eb877c6220b15d3581748bf080b
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   186708 4778512f96e02cc2b00f667b7757dd58
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   415204 c1d5735cb1197a99a0d4a6e08ed8d2ad
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   176850 4276368e65cc7b6d0ced6fee47fd1325
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   180028 535e93c0336b609113938920d2da7b19
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   242192 7a7a71281b43033019a704565a9fc691
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   194772 f6fbbe744696aab7c36f1f118bbbdd89
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   176284 1c925dce81cd41410c433264025c6159
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   207898 981e0a72852e686ebb94b8bd54f16134
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   188648 08fc0d4fab01781603e9572fd3e839f8
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   312324 a6c63c439a5bb043fe320f4779f8f31b
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   158796 49f4feb5a9fe370f6ed39115bf6dae30
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   158844 9fd7480c8f47f27fd6e0bc7bbf847533
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  2774492 3424d3799ae9b7b08e7a66185aef68f4
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   347898 8ae26bdac80c228f162b0fd10fe25892
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   693412 f1a383a2bdbf67626c4389de56597a17
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   188856 7c8411b390713431d036b549a80f8d61
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  8121752 763ff2b160b0c0712499eae573f40e44
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum: 51595076 6dd701a0a28aba2219034d6f2214121c
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   349704 baa5b652ac7da0154ee263c3522d04f4
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  1324528 4854dde9c6fa7cb0dcc6c3862507fb9e
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   797068 1ce3af82028237daea128d7213e89cf2
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   447492 384596efd464eb27da2bea8b426e9061
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  1200974 a9d2b33b28b815cb01bf96ae96093032
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   553512 bc158ab22c3d8949e0e9486d6518af40
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   158598 116aa61965b7a3b91b45e317d3e91b75
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  1081118 e8b35d16092f656359e9c0bb99b74179
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   946692 c3e728e388711e13d6d2cebd03836e67
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  4773708 fb080167239394d3ba3ae4a71e737546
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  1165792 e9456cdb9978268829113f8f687f98ef
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   494608 cf64329bcaf705b4cef3f52c90a612f1
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   260258 741427f481d436aa87d90d59b3e92379
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  2383910 4dd936295dc3a5d630906d9c510813ca
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   338584 d5a558ca2dc8e909834048e78204d3a0
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  8457416 479bbecbef8d2971225628529a160bb4
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum: 56511442 b7f8fd181b9a684eeca40bfea3d185de
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   581860 4ba016a1f2b41d055eaa081ec5b04bc0
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  1133422 bf77f9281359939cfac6fe550af95f6d
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  2610628 6cc3b877c5b52e77dac0e83bd58fa390
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_ia64.deb
  Size/MD5 checksum:   145704 d959399c76a6f63626a83f75dbed9d82

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   241018 77a07432c45b9378936b86794d2bcab2
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   331138 64ad4122c8f105a06f56c23d9174cc10
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   282230 c554467354b448f9e165955af4e7b4a2
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   785174 dd08487031b3e63b50533df646c0e6af
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   200262 060aa0d9cb7282199ca18305b5c821f4
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   197746 83836818743f4dd92b30ab3eedcf362b
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   281672 1e1caf7322c340167bb95486494c3012
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   174714 87eddf9c6a897f97952aa91c838eff89
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   180594 573276a89f23874cac04d56e205aec69
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   204752 51890686ef5fe0a32afb5f760e19e1af
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   680616 7200fc49162ebda0d53a7ab4a74bbff1
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:  9735198 4c7d703ab09a32257fbb4a7a9ca6ef34
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:  1320712 16c0e121877da9f823914a14d3e5f40b
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   272166 df7b6958c0a1c7017a30f9c7b78ec723
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   885970 0c270453838e035b27714ed71bc9a952
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   389520 46a680064a2f9a1e888df2bd7f7aa903
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   319674 7f7e6f24dac1b7e3f4c41bd3f589d281
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:  1015288 3253f3dc4f1914004ee0d58e4e1c0f41
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   389430 759f32add2082c6df77263c182b8dd05
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   244390 12f93645d7c7f68716ed544613efeb6a
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   186086 e51920992e3a65fc3d6738517e449792
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   513588 dacd493b35a8a37d1b0326ec265f1586
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   188836 96ec2b33de1690dc8dc1e4dca8a5de24
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   478026 59ab765625ea9dc6da641a8e5d01d1f1
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   229372 59d34c9c15853cb410d5ce3d35924d40
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   177524 788b51e970927d25728e597d6efda2f2
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:  1190632 24752ff589468af8133e0e27661cea93
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   213748 ced2278c1ba39a77143cedea80190687
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   206234 4fbbf0148b2cd42a69521255000601e5
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   666594 e2ab67ea5ba09f7be87f51beab9d5886
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   162740 2da7b2488ea0dbaf0582960cfcbbb782
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   171686 6fd94e0375a1bbfa758392035ec76c73
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   208966 03cc15b63c820c9568275e4fc248afc8
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   177938 0298a644eec5eb22c96672b1364f8ac4
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   177392 221bb28eb3760c47fb26797e692d84ac
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   571934 a2e321f788912dc8f4591fd1dfc50c79
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   189722 820323286728158435103af5db8748af
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   191700 7e3e4d432fc65a82689a629af33b6cf9
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   239296 141d8cbc8f454a44f79c13dcf1152e3c
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   170844 1a5bd0bb22fd2dfded42c17de02bf2cd
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   171222 3aecb797ff7774a2ab5cbb020b8d7583
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   200380 10901ad8dc53221e014db4503f5b1891
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   597690 1e422ffd7f5c0b308b54d0a5a732ad56
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   314590 36483349e4f37219f5ab22061b7c316d
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:  1518028 6dd17e0c9f3869be4bde36d09a1f5cbd
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   184100 90bfe448f4c46e7032235e8a41f6bdec
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   180192 446b94f914b87c2855ab2b6508a001b7
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   408988 5a315e50bbe97cf00ab9c286168480a7
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   168920 562498f992c6e330578f5545bfb4c183
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   173734 43011296400cc534ad0e2763a6948209
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   236732 9df9f6739611fb0fb3d13be1604e944f
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   190134 7d2773cb87e157ca3872a3749f080ee3
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   172066 be4d961e36c50d6db22d0dc790527cfc
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   203030 0ae15e99cf268d4607a9ce9f5a0499cd
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   181158 51b4b7ed68aefda9a8c7c4663825bab7
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   256204 6f415eff373b0dd082c3c4cd88f38968
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   158800 518d8866e2f0538a14a151e08205455f
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   158848 05fdf197054b6de0a875f55cc623a90f
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:  1770534 a5a3246a865619f16873171292728d4d
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   304782 8c26e77f964dbabad39172dde2f11b28
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   448136 9f5a9f1a513fe8b4e0daddb3500689d4
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   178986 1909446f56c676490d9ac52676a45e88
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   284944 026317fc993d1fe1dff80f1ac1eb91c5
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:  1197212 8fd8f32f6f3bf0a11401ed7597f39c1c
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   689460 a050bbc3a8b3a9f1789aee998e00c918
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   335758 e8e92c844a61419c47bce1aad77a59d2
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:  1099042 0a495c48978112d48a084651984482a2
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   405664 210e7f001efffbb8aa0cb72a30ecde57
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   158604 d34dcc01cd3ea7779abb2fb03a07c035
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   758064 dc880642b8b7e1a8c29101b281d493fd
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   349048 a155502b312c00034f2ae0ee55a030e4
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   222330 758c282c2ea0fc9acb71bb81a50de8b1
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:  1240584 4882905dcb51ec7943e1a2af30de7411
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   336750 626286fb3dbfbddac46db00f94247987
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:  4544002 e4cc4d1a010460c47e024cbbb3da404e
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum: 45450578 159132c8cb652641dfa6a9e0fd0b0983
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   495068 9d646f6246283c9d9ec6203027418988
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   873524 2490473ac20b90a37ee823bef1168001
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:  1350020 fefe13b0d055607cbc25bea8a8700fa1
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_m68k.deb
  Size/MD5 checksum:    88642 2e821aab336d92fbf4463ec68d549df5

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   269036 e0d614a89eb3c3f0d76c1c32efb658d1
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   383674 85999be5fb8483b01f78ef55432996d8
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   283268 960f5f05ae7fda8191e7c3a0470519d0
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   794896 15bc703842b5c086c0dc32a365e75ec9
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   212428 6e245b0237e014fc807aae8a83765de9
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   200476 7f451738d1c701f31063eca4714a3e82
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   286068 5abe8c7d0b16a59be535313f4a8e5c41
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   178320 26290f78c879e2f18a917e4a0d594c83
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   180942 212958ccdb25420a7e8c85efb757419d
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   205778 62298420a535e5b9e334be552e02bfce
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   741164 dc4a231aa21b24592af81779a3f0e63a
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:  9875488 04e5abcf7f591272784c4e8a2de04600
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:  1448650 ef0aecd48a18d8c0328f8aed260a8056
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   291898 1d19096fdfda44903b79e0e907feafb5
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   914694 5cd35836ce90b31192da903fe74b9464
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   457170 75c30aaae65eac879b12d96746024b50
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   345484 61ae086ce3fe377c7ad719ac15bb0e81
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:  1053840 265f890d3f31f22adfe12929e6927d1a
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   457082 dcdadb44978e3efd8d4de14b1bb1e779
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   253440 832c6d9c7c66d6f5de7c8e01627413aa
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   189378 ef74e7e76c3a466cfe4fc965762f618b
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   519556 edf155ff90decb7a0faa5632b5a4cf4f
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   190660 86464457c3e108661887610e5ea83283
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   481658 4d02c7e8a59fc882c249abaecc9fb231
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   234346 48396e6b0a99add4cef783ac8a7aa4a2
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   180312 7065ff48dd57fc4712290485943d1884
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:  1200778 8891af2a2b97901ba15daa436bc4a8be
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   229230 b57f350a0b45180482d4773b4d4906df
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   210238 f1d4dceb06755ff6eac535ead7b60e48
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   679006 ab2a5d9d9cf347380e6e8f404972b3a7
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   163800 0cb95c62798ce539733e1b6d5f4cd10d
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   171894 3dbd7c7abdd64ee3cab8ab578c28a466
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   209482 61a6a45b5b9408f3bfe16d0ab2677e7d
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   181812 9608b04167f37a788a8363f622038b3c
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   178568 2643b6b2f300b44e9164920e90bc1e32
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   576458 dabd3f68c6c430a417eb265c04f97dc8
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   201004 53b5143cb8b95dd74f4c8c5394447c9e
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   196860 85d7fedaf7f23cfa9f5b852d7c2cf804
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   246082 ac0e1f47165a1449ce01d6fcd99ba377
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   172422 51a54bcd72bbfef34fff324215046684
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   171978 098bb8fef374fd9cacf44fb196dd6a08
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   201692 a0e794a9a0f11782c2a1e2c063c907c6
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   658488 cd7fa7d1d143676db6f5b3c669ca2e90
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   337488 ec3a5b787c6ae945a8d4701894b6b47f
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:  1558432 b758c6ae00f6795c2e7612d2b6869427
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   188076 b6383e3e11a196f27b0ebfce5a1249e2
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   180856 1b3e3fb923a6fed46dfd8a9a819808bb
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   411938 8ba6d09b8b594b964de932b10515a848
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   173122 cbb902e5f1004d524bf428ccbb476af7
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   175272 78ef33ef661531a62de80c9e02927a3d
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   238884 15b59465dccda67bd09e4882848efd07
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   191990 068d261c0a9192bc379118779f04e730
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   172872 081f29507e3b42c5a947425a865d6ab8
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   204250 ded6fc6a4c13e4dca7a5fc897b95789e
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   183656 769f16754e841d2b3ede831430ee4d1b
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   279012 21e6d974d7bba679c7d0d297694eb6fe
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   158790 8091cd2ef7e411b310f45861e8588d52
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   158836 433eb908c505bc4abbf45420e3b82ca3
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:  2107564 43918ac8ead8b2af80800041bf871aa8
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   316422 c9f27358a4f5da75df8128109fbb43a5
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   543002 cbd4b467bba106c92b1558ced4bf8fe3
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   182624 8420f1c990880b012d9323d0a68d3628
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   283842 98edafc555cb17b7705e96a739f97594
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:  1205152 6ccc49b27787b426e41d30cd7344fff0
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   753068 25ce758d961646072a6738b691c16d0f
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   373414 5bda413e620bb7c40b30cd131af86938
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:  1144212 942d59d8482805825b108365bda78cfb
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   497118 379dc047cf057a4fb194eea11c9d3ca2
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   158590 cba4b0c3960a04583aa947eb3ec21aa2
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   933874 1e1331ba64cb1508c4db1df59ddbb9aa
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   406030 e03c389daa5f6be9c72eb63353ce9d72
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   239710 a99463cc6de040a91e2c3485a6ae9b95
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:  1737236 4268b1a0b2a4ca64811ce65a3ba07100
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   337538 989852b0a430daed12875e29a361622b
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:  4021462 de4bdda63e45d94a8132c2e94c252449
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum: 45540760 1f5b16eba5dc648b0ca7246db7a2d7ff
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   530278 1489eff24482171db1e388ca730595a2
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   983238 a32855e77f25c7e9e21aa96ae8a9d2cc
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:  1898580 582876c5ccae25dfd144bff7bbfc2e44
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_mips.deb
  Size/MD5 checksum:   115348 423b0dcbd2bf60cdcd1dfecf1ca9e85f

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   268714 b457217d19fd8fbc43666f54ee3b422d
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   383552 5d7b8a8f054a40610496c7b169a02bca
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   282270 3916d3d6ec212b8cf958aecf7283b697
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   784426 8f28ec91456ab0aa9c0fb585b27fac4e
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   212428 28ad717314bacf8db05ae3d9ece564d4
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   200466 dd18ec438c8d6db747479b46253b8535
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   285224 025be5d014139ee126025ded5d029419
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   178230 185fd834949d9ec6c15e7df2de864d86
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   180626 b7750eedeb125264f01a77756e286d39
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   205458 7a79ee705eba1fb54f85e5038eb8f848
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   739610 b6d8d9a3ed6ffc39b11b76fdd5e79f4a
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:  9700772 302744dbd76e8b44a9d13a47cb612994
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:  1448742 398ee2c960b1655c3357c45ab4fa1c5b
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   290434 a76f2678ec211948b0145199eb3a3b21
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   903856 0ef7e41798e292ab28d306a702e3b7fd
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   457676 5150db19a905714fb4ae3b84c7cf9895
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   344002 85c98ccc42151375b8cf1ac34adf0d88
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:  1041318 8355f472163d812e23d1a19b228a8871
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   457578 36228c60dfbf7761a288345c41e625de
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   253406 7e181529a011d49edb98d848c310ae7c
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   189256 419ac92bdd97a369acb97492a734d582
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   511450 c7e564de37bf7b6ae446f0a4356834a9
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   190518 82c1bf1e8dce203b3fe4c9f8fb36fa55
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   474102 3d171945e9beddbd6da2b320bc658277
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   234434 38a1c3c1edb0c74305732e47911e7073
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   180340 48a789753e9e584c2f8a611eb00cebf2
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:  1172822 4b9dd118b18567a2b9a6d70eddb2cf3c
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   229446 ef7a8df51a89a84fe1a8e9255407a95e
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   210292 1baf340db8decbb6797900b34ef01ae9
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   667708 80772935e2ff170fe06c8f0591d8ca69
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   163802 b288b0a03e674709d36f073e2f2aaabb
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   171858 03c3e449b387a91482d8b21e558c789b
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   208910 52fc67c2845f34df0217cb67c305647b
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   181866 37a8cd44a87026d32acc0df14da75c1c
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   178588 7a195ed2a458db3d80f37e74c7132826
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   569302 4df5863188eea9c531fb34ba8c914620
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   201112 9b6e9c39d38d1177bef58eb540536657
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   196894 afcef91937f62b700897557f5b63d4a3
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   245904 7f24c0ca154a19aeead58088bd176293
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   172436 23d27469a84fa956caf3311f66911069
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   171948 16d85086518604e7c07479209543ba5f
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   201270 d4743d9d59253608e7fbf3732ad32bc0
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   658586 e4247b61d8dbbcc543c2f81ffd2c4f2c
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   337020 f6e748c6108bb629db19d0f0b890d899
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:  1556268 1f22fb32d46cd7fcaa817e767ed63e60
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   188070 b134b00d3918725f076deb49a8315287
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   180752 2ed8865fbf082082b83d692f8b404911
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   409362 c060bc4bb1eefdae68faade8fc4d0e6d
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   173228 c7a08401264d1f621dfd80876984c34d
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   175314 9224ffb5723a2ee658ca751432781ce3
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   238006 2278377f71a0cf0e8214202a7c137b3f
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   192078 cdff976f851d9a639d546e17f9eb58e8
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   172872 89a7daed133f163b017cf4769fb72e90
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   203766 8425bd077cdbf5636ec9fa3a40899b34
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   183666 b1cf636c37dd8e9fd270cb46bdc1da1d
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   278418 5729538d364f4f5c8726f788443eb972
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   158788 fb6e373cc9fcf5f7e2ee4e97cb10a4fa
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   158836 3cce8809849b8dfb61f5ecc67afdf631
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:  2104034 acbbc4ba7176a4b6827fb183a2285c53
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   316226 bd2701e346c38ea1e280e4425fab0dc2
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   541750 a16b41e931f59e0c3ab64d0f3fe55591
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   182688 13077c7b948a560332188b139fa2b88f
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   280024 fb4d9a96e61c132dbc5da3b7784a973d
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:  1181102 b99aa55dba347f2a4a319fedac46bbb2
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   740438 be2c7a300dcbc8a5dacd51864f9b5be4
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   373234 7ea4c99de128c118ee62cb7a2360d47b
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:  1123652 f0f7eaef8ac9c91960474085f31a354b
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   498380 d46fc14c3ab96e6116e85720039c8bb8
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   158586 01acd9c9a697fda89a8000adc065aa4c
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   929694 4dd351958a4ec579a305e18b17dc6b79
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   405110 4a7c191e86ad082b1b9a2b16ba52c64c
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   239834 3a244ffb3637774c3a07cc33b4d742e9
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:  1734732 6014914b81a49f5d8210e2beec459785
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   337532 1b7712671ffa568c1ab87b9a893910cb
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:  4015554 6343b81312dc1b38035e449f291fc788
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum: 44830508 dc93444fc9f4fa33f7525463bb348516
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   528816 facf36f32b31a3c47511c50cf46cc5fe
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   972000 0b2178929d57a1967d588f928937874c
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:  1894746 74c426c412ffec5e16f485d18301ea08
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_mipsel.deb
  Size/MD5 checksum:   110416 54d82d984ebe9e4b10e69b672c799cea

PowerPC architecture:

http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   259230 4374f6ebc9200d2174341043c112e109
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   363334 160fc4f3333e6b709bba658d2178543e
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   296960 603c9c356c7301bbb3fa9916d1cb0ec7
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  1134504 cf85fbc14fbbc569c1a7a4ef3eeb4808
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   209880 219329af51376127e05af35917a68735
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   204442 d1be96893430d198b15d594d56243a9f
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   404728 9d57cd3cf2d5b249e0cb57d5b30d95c6
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   178144 6cf6e6a63688c7a97e37c9474f3e152b
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   182676 56c556ab6b021879101dd701870f0d65
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   250214 661e49c5917779fbef900cd019df3247
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   739352 a3415710c7e7386754bfc8682cfa711d
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum: 15237950 e1fca6c4017a83a43ad693e5752cc807
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  1400632 bc1b20f4b7c5d3b77ae0aee63effdf57
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   288220 a55ad73354c9090fcf0d8a5cfb4799f4
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  1335508 683a85aa5049f6cc62fe568d5b75aee7
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   441158 7a73bd998d60d98474044473d7e1e4d8
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   343294 71f1eb94d8436bb899d8de6a32da8aea
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  1514616 f021b0e71a36cb05f70859140cd708cf
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   441080 aad05e6166ff256afe038261e77efe62
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   249610 761be7ee18d488fe34200d0dbbc67dac
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   190510 21e8c664853cf494476e67cb3441b53d
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   724186 ca04220950d4a6182b19f8780a9dddde
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   192026 d3ddb6afd8406af0243609fd0d7dd8de
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   692830 1c8776ab048bbdd4a30e383cd1108e52
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   232648 62b9b0108d803f709ee26a68542fa3a1
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   181744 6f123ac1a4758926ec51709841b13724
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  1859126 e043d9aac0b66d62a620655a39ad97ed
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   225148 aea9393faf4b0edaa9103232aa248464
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   211792 137274f7b5d4883a35d6907f280e38b5
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  1007240 a635dc4740a9dfe704cc24877061c81c
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   163706 b2b7794ed5fe042e0c31fcc0cfb2bfac
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   173614 493da0df5065a4da8158cbb17f36b697
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   235184 819d0cc95a1cbfa835a2ed4b7f786165
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   180726 45d11fe75c08934e876787f7036f318d
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   180862 a30b2742d24be32833174a4a804ef6fa
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   832030 585c0fe336d9a51ddb9dc21768227226
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   198874 1294737db5224ab3296bfb9044e8832b
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   198864 19acebc0a0478a55f99d2bd9f90498a6
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   464002 8842b1d84d667d0484b1a421780a63e0
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   171644 bd6629f9e652228fe66e9b0c391db4a0
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   173334 b0095bfe736254c0bc7b5c3909879ac1
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   221334 b1e3179f2ee6d3efe7cc26ed7da5d3b1
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   645354 f78947afb933be6a464bad4620abd8b2
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   337340 1462471e8b2e55e967d37cb0dd5dcb7f
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  2248906 aa39c626a490e7443a4bc380f9773aa2
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   186706 da779c8c5330d0407be8fdc8bb8173ee
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   182192 63d57f316755a6d883cea67ac975f639
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   553672 2582cf21609c1c49f2aa094513e6f4ab
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   171892 040e3f801d40a4ad1bd3a1571ddd5e1a
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   176836 0e5e5ed5df4b61eb6f24ecffe9211206
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   279446 d3a872368f9df7580597389c17d978ae
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   191258 80fb2c1ad08d119ba23bcb3fcb16b1c3
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   174466 9be15db49e12d9c9cf4f749fef17e8d2
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   225114 69f231b8328338e02f8da31394d8d5dc
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   184286 f7c882400c739e3599e75e321d5e5acb
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   272710 ab4cc869a57b10cb0950136905b8c48d
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   158788 3133edb2bd3a8df3a82a7807309249b1
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   158842 f39ce73aad052fc70749989b60d0072a
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  2112920 b63086522de7681a0082a78c5b041518
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   314958 8e52d4a60a0d1b437b06143a8e7993d1
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   508794 28d7b024adde446fb86c6ce2b1f858b4
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   182900 61d45fc72d6d420debb63987b059bdea
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  3083976 db3db557ea4f14e99e6a43e0fb800fa8
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum: 42024226 bc9a1a771374a9bb65beedf768629680
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   295876 9917c43004b8dd006f4b320bc351abcc
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  1904654 b5a2262a4e002e36278c656286efd8d6
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   734058 18a3ef403198404e9c682e7e797a3491
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   372376 1507f1c52e26c3fdf13edbfdce59f8b6
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  1613144 b01d825bab12e0e3c0f72774df57f51f
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   468614 eb933fd5af24f8771376e3acac3ef193
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   158594 8dd4211d7bb00d471443a02fe897b828
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   808074 d72affd1921fb02b1116143642f031f2
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   690206 e141cc451a8bce56da60b2217234b6a6
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  6682418 be6e6132529820193e66e1c55f007dd7
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   885710 ffc8c7adaead9e4f332442833065ec76
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   390178 ccda487d5599a7a8c15280214bd193ef
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   233004 57129736c7e23d01c991f2352001934f
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  1583670 2dcbdfc3cf2f7f3f2d59f50dba809362
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   337044 ead33998a914ae257d59cbb2845038b4
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  5796628 308e7e0b85001e7a3cbfd74c83bbd980
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum: 46807434 a9fe3ab81b63f9640709771ab32da4ac
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   515612 173f57fef319a3fcbf3ff2a7a9ba2e10
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   941398 df0360a7806665dcce1725cda3b5250c
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  1729414 6f361ae8c82eab376e14112caf563627
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_powerpc.deb
  Size/MD5 checksum:   110844 bb75f25a0c723952e22c16528dac52a5

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   261016 b11576dfd58cb0b8610013fd1f77da5a
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   356334 c4c20e75114576c7d9dfea92ac735c9d
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   299618 ae63dc230ddf8380bb81ac03e84d9f2b
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   861914 142fce29993e744b67faf15c5acacd3a
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   207434 7016c7027a54d8885db3ce2dc9d72bcf
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   205026 1b44e63a82180d29a5ab16a8c7de5a97
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   298232 d4cc2f1a791890214175b650173be0a4
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   179704 eb9f7b47856ab858a7aa7e9540e36ec0
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   183334 86b4707988a2a88b669148b0cc06c5cd
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   209198 ae8ba29733696b125f5099d121d1865d
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   754942 6c4b60bab9d918a7a67f6cc5972e6d78
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:  9935286 0cfd621c48007ab739925b97afe99459
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:  1385690 b5ec7f7b5a873a8bc6522ff58b006b5a
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   301510 84e66c1848cc1884b260efc6429f557e
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   950252 29c6d39aa6989a525debc31d71660cc1
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   434648 fc65b47658b425de6cb92b308e0318e3
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   358550 913c9e37290bc08cb7985d3a5e5360b8
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:  1105980 cc20687246cf71654c2fea70f969945d
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   434536 f555cdc669c207a5f2af9f64c4dbf88e
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   249950 e0e278d3653034caa1ad8114de8ce051
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   191178 9877b23f5a8fe9f632516e6cdab20a40
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   526646 e9e92e600aa1328cf692a412dc29d055
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   193812 47843986f43e46a087562dd1ae3a7c3d
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   488660 c36397e3e28c3ed31eb1c270a5b31ed9
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   231170 7343c839b5db38cda03132a2e2f43fb2
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   180112 d437359c6939bc126aca998a2e0a5670
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:  1197126 04fef360a0c48ea4cbd22b2275967f32
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   224326 e755b93bffaf5fb3d8c61633debcf667
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   214300 ba38e46a2c08f96758435687abc968ff
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   687194 fcc78e69f3a4bf1b53ae2aaaa0f7b1ef
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   164022 6bce2fe8f612b51469353c6a81f31777
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   172374 ed88c7ce6cbe8faa23d640b0c9261973
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   209892 58a5154d31b1b2d1345354b4ea289f3d
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   180542 cd3659e44b98e761976991ec8aec1d2e
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   180452 25765404e04171f9db00acbe1e1938e6
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   576880 78f5eb71aa6d98d757a8aa36609933e2
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   197788 63e02d933765075fda0163cd5f7b2123
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   198936 05e480a70d1637cf60e4b7d769e377b4
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   257746 1178c8bbf47a3da072a01387e26e4f71
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   171692 ae1e7545c18dedb65276509b967c3b6b
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   172282 597d3b175e028585a432a5ea7624f759
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   202484 00900f13039ad238178deca2edada9a6
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   636288 93c9d7742151efee83b417616042de6f
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   349560 79cc1771215735324036f28543edd6ad
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:  1593378 f94fcfc6add222a9bd061ed107d3a982
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   187768 50dcdcc21ba681a47770f76e5bbbd16c
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   182564 eb1e3b990359bf9311fbe1b2bf5fdab9
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   413646 53e01dc86afc8d574656110369553b29
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   171496 c902c4ef1ae92f8249b1208063582796
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   175374 65f2f8042c3ba6d65db970a43bab4569
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   239804 88239fd56881a45d163b45744bfae4b6
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   191184 b0da17e90d1610eca0cb66845558ddbe
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   173304 a9ee19c5bbba5e3c05d7628a09dc759e
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   205894 34a3d56b36366c1622cced5e3d03bfdd
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   183436 94608dfa5b08da618b55044e2ff2aa56
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   276620 cbe760c213039314b7a8bebda37cbc38
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   158780 87774e3c0e9a3351f1df7df951920105
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   158836 63971433e37d9e530322279eca61a28e
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:  1716176 cee79d4795b2c9c83b705ff494a74ea7
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   316906 c5b68def10170acf30c3ead53e5baa14
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   530022 4abc93320924d134665914f0b002ca61
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   182340 49bc884ea1d6989ecc1c5b8924c597d3
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   330914 b78dc9299d93f5c68e13bbba2e5b1171
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:  1310732 5d50f31cf6d71e5ae49ebf694089f12d
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   730954 4b30d4bd8f54ba04bc79474206d24c20
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   368744 1a3fcaa2b38ab320f2cf780ae2fbb756
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:  1203426 77382920ec77dcc0fdc2d2111c367466
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   438364 a8f9aa44229d2c9d67bfd9e6c53edf14
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   158592 c7351256cd10ca93167a8fa2c420d8ce
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   851034 4b4ed34eacdff567696a351769e91dec
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   354328 66b68028c1ea212b0bcffa74ea31e314
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   235068 1d03c6ed8c54744dfab467051f886891
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:  1623514 d2c8a17cc4ea76ce0ea782b5ed2fa6d0
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   337220 f0680427e0457e75dbcaa5824fdcfade
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   521820 058676242c82729a321b28c9258f869a
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   806406 b67e9bf1e1f71a3e39871efac1ef04ea
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:  1766784 c5d15916eee193f599fa851ee4efaacb
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_s390.deb
  Size/MD5 checksum:   112154 a2dfc1a42c434f2903ec9be068e12e30

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   251120 6a6c6f03b37e811ae195469e72c6e38d
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   344048 8ba999289d750ba4ee049ed606ce7ebc
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   285098 013a125bd422e828d5f7b4b7caf2befe
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   786826 23029fee14ae423f4a01757a7556f40f
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   206034 e5bfb0235acab95832126c426d4daa22
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   200282 6d51ad473754375427be266be139cf4d
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   283484 64378cbd6be7aeb6788f01da7cde5378
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   176924 90574aacc859e31a6835efde2c649563
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   180862 a148c29afba10d5e75403dea33ddea9d
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   204844 6885ec3fcb260cd54c3b10d1a6b80e3e
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   711862 05c681c1d9aa606692192546991dc4c8
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:  9810500 96f9b7f647481a3a8cb07f3e589614b0
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:  1365910 cea371314adc8346bc04d55145bf7132
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   279718 c8759a8f7ba115ae15dad96e66ff3d70
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   892056 f15e34ed247caeeade4397859e8c045e
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   417428 ddd304994c35f2b11434cc57678b6200
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   331668 aa8c142b8af774f3fe2b1a9f9afe5336
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:  1026356 1e8d84afa56fa5a61685ff0b641774e5
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   417338 7ade24d52608d946c225e5c4be803c3d
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   247482 2d0dc48c46f5c0aaebedfd207699b801
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   187792 1d819fcd2fb687bbe116b6727326daac
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   516558 8c7179f7202d40a5f60dfcddd9cced06
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   189846 bcc85d36bd7863444a561d6d0d7bc1bf
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   478100 b381fe292a9fcb3aff5f54a3730c82ab
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   230528 d0e74daf0645f7a4d9e88988b4110f5a
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   178522 f797684b630c7b94837dfc064da221aa
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:  1198574 a3fc69e423818ceb83036878952064af
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   219068 dac8cd1cd25927ab8ba3adb5b3c13d45
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   208188 e99b887c7a5210693174ea0453c4a095
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   673178 f8a305fff41a8fd3560ba9620d68a0cf
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   163184 1ef9674f59e1d452b3b375e3f6cc6ba4
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   171726 a42c22e71c8f79ad852b59c8833b5480
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   208980 ee24eb25da955b1b835f4acad6029188
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   178962 fd22df9f1110413451eda040cf3d4215
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   177550 05f9333009b40b16a56a655261c4569e
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   573766 fc89bff55941f16ba246471874de95bf
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   194160 e16fe3bc639b204b7121cb63fdb45558
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   195154 bc337cf9957de401de6ba90a6222f94d
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   241360 9918a8f85df0c41a4d3ada958d916644
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   171148 bc8aad869f6c663b43a0aef73dc8019b
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   171376 0c7a75d8c7993858930cac664d7482a6
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   200530 e4349aa63bd0681cf66fb531bda10396
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   627184 f4b4c4b5834940321c5fd95a2279e12d
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   330450 b93c2dfbebc8a8fcc2713e89ecda986c
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:  1533278 46825c4c0c5d393de98774b47e719cd0
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   184926 46b30fe844b4c08a24b868d63dd3bd58
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   179508 1eaf0ae4cf87d5ff00b361e9a1cb6f38
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   410236 3564a0b2686f28cfe597c1cf97405627
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   170444 ccbcb0f2850701bfc6321c674a8b8ce6
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   174218 e5494fbdb588d2691c253c98d977ce4e
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   237016 4260166015dd5ecf364af96fca04ecbb
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   190284 337d228e15acf2a7cf83026ba3b4bd4e
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   172002 6e0d484b45388a3f9e0265831750fbf4
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   202836 43787cf76647ccd5cbd7b9197d6b420f
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   181708 027d176b8b89cf2eecef08b3fa4b90be
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   268224 12152b5bab3f6cce61aa19f9e05941ef
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   158632 68eda17dfb6d5846a93627748b1ad4cf
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   158686 ec54e69cd4c1c82c623cc53978b22dd7
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:  1934896 77a1064998455a2cc1c384ae8fdcce29
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   307792 b181b2bdc84e8916e60676c8804d5173
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   498726 08f1f092d52d0f0faea072db99079d0e
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   180478 909f79a3f4a4302fb52cdb4f625de32c
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   706072 7bf7c05cbffb036433ec24a9f5006a77
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:  5583652 c58b16c2d860523368c0ee4624be4803
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   287114 01850d1ca580b4dfb0608f39306a4b91
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:  1253294 76575b58b1cb40b6c3f060b7c07412c2
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   706766 97f87cc7b482596307e4b95b34c38f2a
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   357804 a38bb604c839d14ec09d2cf74e781e64
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:  1110290 4fc9f2978c422f6771bea6531eaa106f
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   442180 5652768f439246c9e1c5ad68e1335520
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   158438 8c25fb31872381acd35354f91317c5a4
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   823038 85b8ebe6d2e4d633c6dab56666ce2f78
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   695786 0152e635b45f6c6878038ec796dc7cc4
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:  4596090 9318bd03402aff608c7cb1993a50fb90
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   863010 5d7a9b2b939bebd52b450235569449ac
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   387526 0db93eab07feae51dc80ec0f785bfd66
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   226286 bca8e3ba1abc54e535fc51e791ee23fb
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:  1494844 492ef231edac7bf67969b425f325e095
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   336664 e6c981e1ebbba26892ab43b94e195c07
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:  5432244 6fb260dc0ce16280a897fb71143a5c16
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum: 49725120 2cdd446c60eebcac976c770de31b696f
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   508648 d2db70e93fa1a20b801869c2146770f9
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   920670 62b75897a9f1ef8fa41c4877615ea585
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:  1626640 263daaa71644ff219841c835ca8c5f2b
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_sparc.deb
  Size/MD5 checksum:   101352 197681c30bb451093563cb9d9d380fcd

These files will probably be moved into the stable distribution on its next update.


For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGTMcnXm3vHE4uyloRAgwxAJ0ZNbdHNKMDBslDB+PDH+4REkBUIgCgqChe cG20nrUmt0Lbb++Dmcukkyo= =uFfR -----END PGP SIGNATURE-----


Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200704-0229",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "redhat",
        "version": "3.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "rpath",
        "version": "1"
      },
      {
        "model": "openbsd",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "openbsd",
        "version": "3.9"
      },
      {
        "model": "openbsd",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "openbsd",
        "version": "4.0"
      },
      {
        "model": "desktop",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "turbolinux",
        "version": "10.0"
      },
      {
        "model": "libxfont",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "x",
        "version": "1.2.2"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ubuntu",
        "version": "6.06_lts"
      },
      {
        "model": "enterprise linux desktop",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "4.0"
      },
      {
        "model": "linux advanced workstation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "2.1"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "2.1"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "slackware",
        "version": "9.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ubuntu",
        "version": "5.10"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "slackware",
        "version": "current"
      },
      {
        "model": "fedora core",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "core_1.0"
      },
      {
        "model": "enterprise linux desktop",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "5.0"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "4.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ubuntu",
        "version": "6.10"
      },
      {
        "model": "mandrake multi network firewall",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mandrakesoft",
        "version": "2.0"
      },
      {
        "model": "enterprise linux desktop",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "3.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "slackware",
        "version": "9.1"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ubuntu",
        "version": "4.1"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "9.0"
      },
      {
        "model": "freetype",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "freetype",
        "version": "2.3.2"
      },
      {
        "model": "x.org x11",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "x",
        "version": "r7.2"
      },
      {
        "model": "xfree86",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "xfree86",
        "version": "4.6.99.20"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.4.11"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.4.11"
      },
      {
        "model": "safari",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "apple",
        "version": "3 beta update 3.0.3"
      },
      {
        "model": "asianux server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cybertrust",
        "version": "2.0"
      },
      {
        "model": "asianux server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cybertrust",
        "version": "2.1"
      },
      {
        "model": "asianux server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cybertrust",
        "version": "3.0"
      },
      {
        "model": "asianux server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cybertrust",
        "version": "3.0 (x86-64)"
      },
      {
        "model": "asianux server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cybertrust",
        "version": "4.0"
      },
      {
        "model": "asianux server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cybertrust",
        "version": "4.0 (x86-64)"
      },
      {
        "model": "solaris",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sun microsystems",
        "version": "10 (sparc)"
      },
      {
        "model": "solaris",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sun microsystems",
        "version": "10 (x86)"
      },
      {
        "model": "solaris",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sun microsystems",
        "version": "8 (sparc)"
      },
      {
        "model": "solaris",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sun microsystems",
        "version": "8 (x86)"
      },
      {
        "model": "solaris",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sun microsystems",
        "version": "9 (sparc)"
      },
      {
        "model": "solaris",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sun microsystems",
        "version": "9 (x86)"
      },
      {
        "model": "turbolinux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "turbo linux",
        "version": "10_f"
      },
      {
        "model": "turbolinux desktop",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "turbo linux",
        "version": "10"
      },
      {
        "model": "turbolinux fuji",
        "scope": null,
        "trust": 0.8,
        "vendor": "turbo linux",
        "version": null
      },
      {
        "model": "turbolinux multimedia",
        "scope": null,
        "trust": 0.8,
        "vendor": "turbo linux",
        "version": null
      },
      {
        "model": "turbolinux personal",
        "scope": null,
        "trust": 0.8,
        "vendor": "turbo linux",
        "version": null
      },
      {
        "model": "turbolinux server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "turbo linux",
        "version": "10"
      },
      {
        "model": "turbolinux server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "turbo linux",
        "version": "10 (x64)"
      },
      {
        "model": "turbolinux server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "turbo linux",
        "version": "8"
      },
      {
        "model": "wizpy",
        "scope": null,
        "trust": 0.8,
        "vendor": "turbo linux",
        "version": null
      },
      {
        "model": "home",
        "scope": null,
        "trust": 0.8,
        "vendor": "turbo linux",
        "version": null
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "2.1 (as)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "2.1 (es)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "2.1 (ws)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "3 (as)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "3 (es)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "3 (ws)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "4 (as)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "4 (es)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "4 (ws)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "5 (server)"
      },
      {
        "model": "enterprise linux desktop",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "3.0"
      },
      {
        "model": "enterprise linux desktop",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "4.0"
      },
      {
        "model": "enterprise linux desktop",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "5.0 (client)"
      },
      {
        "model": "linux advanced workstation",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "2.1"
      },
      {
        "model": "rhel desktop workstation",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "5 (client)"
      },
      {
        "model": "linux enterprise server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "suse",
        "version": "10"
      },
      {
        "model": "mandrake linux",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "mandrakesoft",
        "version": "2007"
      },
      {
        "model": "mandrake linux",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "mandrakesoft",
        "version": "9.2"
      },
      {
        "model": "mandrake linux",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "mandrakesoft",
        "version": "10.0"
      },
      {
        "model": "mandrake linux",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "mandrakesoft",
        "version": "9.1"
      },
      {
        "model": "linux mandrake x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2007.0"
      },
      {
        "model": "linux ppc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "3.1"
      },
      {
        "model": "cms server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "11.0"
      },
      {
        "model": "communication manager",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.0"
      },
      {
        "model": "multi network firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "2.0"
      },
      {
        "model": "enterprise linux ws",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "2.1"
      },
      {
        "model": "safari beta for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.0.1"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "5.10"
      },
      {
        "model": "linux sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "5.10"
      },
      {
        "model": "freetype",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freetype",
        "version": "2.1.10"
      },
      {
        "model": "corporate server x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "4.0"
      },
      {
        "model": "linux lts powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "6.06"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "5.10"
      },
      {
        "model": "suse linux open-xchange",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "4.1"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "10.1x86"
      },
      {
        "model": "linux i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "5.10"
      },
      {
        "model": "linux i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "6.10"
      },
      {
        "model": "freetype",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freetype",
        "version": "2.2.10"
      },
      {
        "model": "open-enterprise-server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "9.0"
      },
      {
        "model": "personal",
        "scope": null,
        "trust": 0.3,
        "vendor": "turbolinux",
        "version": null
      },
      {
        "model": "enterprise linux es",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "4"
      },
      {
        "model": "enterprise linux es",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "3"
      },
      {
        "model": "novell linux desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "9"
      },
      {
        "model": "linux enterprise server sdk",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "9"
      },
      {
        "model": "emmc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "0"
      },
      {
        "model": "unitedlinux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "1.0"
      },
      {
        "model": "safari beta for windows",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.0.4"
      },
      {
        "model": "cms server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "13.1"
      },
      {
        "model": "linux desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "10"
      },
      {
        "model": "safari beta for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.0.2"
      },
      {
        "model": "linux mandrake x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2007.1"
      },
      {
        "model": "linux m68k",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "3.1"
      },
      {
        "model": "solaris",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sun",
        "version": "10.0"
      },
      {
        "model": "advanced workstation for the itanium processor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "2.1"
      },
      {
        "model": "fuji",
        "scope": null,
        "trust": 0.3,
        "vendor": "turbolinux",
        "version": null
      },
      {
        "model": "linux ia-64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "3.1"
      },
      {
        "model": "enterprise linux desktop client",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "5"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "pardus",
        "version": "2007.1"
      },
      {
        "model": "linux sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "3.1"
      },
      {
        "model": "cms server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "13.0"
      },
      {
        "model": "enterprise linux ws ia64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "2.1"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "11.0"
      },
      {
        "model": "x11r6",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xfree86",
        "version": "4.3.0"
      },
      {
        "model": "linux hppa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "3.1"
      },
      {
        "model": "linux lts i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "6.06"
      },
      {
        "model": "messaging storage server mm3.0",
        "scope": null,
        "trust": 0.3,
        "vendor": "avaya",
        "version": null
      },
      {
        "model": "messaging storage server",
        "scope": null,
        "trust": 0.3,
        "vendor": "avaya",
        "version": null
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "4.0"
      },
      {
        "model": "messaging storage server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "2.0"
      },
      {
        "model": "integrated management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "2.1"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "6.10"
      },
      {
        "model": "linux enterprise server sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "9"
      },
      {
        "model": "linux sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "6.10"
      },
      {
        "model": "solaris 8 sparc",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "office server",
        "scope": null,
        "trust": 0.3,
        "vendor": "s u s e",
        "version": null
      },
      {
        "model": "linux personal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "10.1"
      },
      {
        "model": "terminal server project linux terminal server project",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "linux",
        "version": "4.2"
      },
      {
        "model": "linux lts amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "6.06"
      },
      {
        "model": "linux personal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "10.2"
      },
      {
        "model": "solaris",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sun",
        "version": "9"
      },
      {
        "model": "open-enterprise-server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "1"
      },
      {
        "model": "linux mandrake",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2007.1"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "6.10"
      },
      {
        "model": "linux ppc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "10.1"
      },
      {
        "model": "linux enterprise desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "10"
      },
      {
        "model": "secure linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "trustix",
        "version": "2.2"
      },
      {
        "model": "freetype",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freetype",
        "version": "2.1.7"
      },
      {
        "model": "linux personal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "10.2x8664"
      },
      {
        "model": "enterprise linux es",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "2.1"
      },
      {
        "model": "linux ia-32",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "4.0"
      },
      {
        "model": "linux alpha",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "4.0"
      },
      {
        "model": "linux professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "10.0"
      },
      {
        "model": "linux mipsel",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "4.0"
      },
      {
        "model": "linux mips",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "4.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "3.1"
      },
      {
        "model": "linux professional oss",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "10.0"
      },
      {
        "model": "desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "4.0"
      },
      {
        "model": "intuity lx",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "2.0"
      },
      {
        "model": "home",
        "scope": null,
        "trust": 0.3,
        "vendor": "turbolinux",
        "version": null
      },
      {
        "model": "fuji",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "turbolinux",
        "version": "0"
      },
      {
        "model": "linux mandrake",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2007.0"
      },
      {
        "model": "linux enterprise server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "8"
      },
      {
        "model": "linux openexchange server",
        "scope": null,
        "trust": 0.3,
        "vendor": "suse",
        "version": null
      },
      {
        "model": "terminal server project linux terminal server project",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "linux",
        "version": "5.0"
      },
      {
        "model": "intuity lx",
        "scope": null,
        "trust": 0.3,
        "vendor": "avaya",
        "version": null
      },
      {
        "model": "secure linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "trustix",
        "version": "3.0"
      },
      {
        "model": "suse linux retail solution",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "8.0"
      },
      {
        "model": "linux personal oss",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "10.0"
      },
      {
        "model": "linux enterprise server for s/390",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "9.0"
      },
      {
        "model": "corporate server x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "3.0"
      },
      {
        "model": "communication manager",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "3.1"
      },
      {
        "model": "message networking",
        "scope": null,
        "trust": 0.3,
        "vendor": "avaya",
        "version": null
      },
      {
        "model": "linux desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "1.0"
      },
      {
        "model": "linux lts sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "6.06"
      },
      {
        "model": "corporate server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "4.0"
      },
      {
        "model": "linux s/390",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "4.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "10.1"
      },
      {
        "model": "messaging storage server mss",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "3.0"
      },
      {
        "model": "advanced workstation for the itanium processor ia64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "2.1"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "10.0x86"
      },
      {
        "model": "solaris 8 x86",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "10.2"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "4.0"
      },
      {
        "model": "communication manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "3.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "9.3x86-64"
      },
      {
        "model": "linux database server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "0"
      },
      {
        "model": "linux",
        "scope": null,
        "trust": 0.3,
        "vendor": "gentoo",
        "version": null
      },
      {
        "model": "linux professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "10.1"
      },
      {
        "model": "linux alpha",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "3.1"
      },
      {
        "model": "linux professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "10.2"
      },
      {
        "model": "integrated management",
        "scope": null,
        "trust": 0.3,
        "vendor": "avaya",
        "version": null
      },
      {
        "model": "solaris 10.0 x86",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "turbolinux",
        "version": "10.0"
      },
      {
        "model": "enterprise linux server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "5"
      },
      {
        "model": "f...",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "turbolinux",
        "version": "10"
      },
      {
        "model": "enterprise linux as ia64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "2.1"
      },
      {
        "model": "cvlan",
        "scope": null,
        "trust": 0.3,
        "vendor": "avaya",
        "version": null
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "9.3x86"
      },
      {
        "model": "freetype",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freetype",
        "version": "2.0.6"
      },
      {
        "model": "novell linux pos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "9"
      },
      {
        "model": "message networking mn",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "3.1"
      },
      {
        "model": "wizpy",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "turbolinux",
        "version": "0"
      },
      {
        "model": "open-enterprise-server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "0"
      },
      {
        "model": "enterprise linux as",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "4"
      },
      {
        "model": "enterprise linux as",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "3"
      },
      {
        "model": "linux enterprise server 9-sp3",
        "scope": null,
        "trust": 0.3,
        "vendor": "suse",
        "version": null
      },
      {
        "model": "safari beta for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3"
      },
      {
        "model": "broker ftp server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "transsoft",
        "version": "8.0"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "3.1"
      },
      {
        "model": "linux m68k",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "4.0"
      },
      {
        "model": "linux office server",
        "scope": null,
        "trust": 0.3,
        "vendor": "s u s e",
        "version": null
      },
      {
        "model": "freetype",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freetype",
        "version": "2.2.1"
      },
      {
        "model": "propack sp6",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sgi",
        "version": "3.0"
      },
      {
        "model": "linux arm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "4.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "4.0"
      },
      {
        "model": "cms server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "14.0"
      },
      {
        "model": "novell linux desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "9.0"
      },
      {
        "model": "suse linux school server for i386",
        "scope": null,
        "trust": 0.3,
        "vendor": "s u s e",
        "version": null
      },
      {
        "model": "linux ia-64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "4.0"
      },
      {
        "model": "opensuse",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "10.2"
      },
      {
        "model": "multimedia",
        "scope": null,
        "trust": 0.3,
        "vendor": "turbolinux",
        "version": null
      },
      {
        "model": "freetype",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freetype",
        "version": "2.1.9"
      },
      {
        "model": "x11r6",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xfree86",
        "version": "4.3.0.1"
      },
      {
        "model": "x11r6",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xfree86",
        "version": "4.3.0.2"
      },
      {
        "model": "novell linux desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "1.0"
      },
      {
        "model": "enterprise linux ws",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "4"
      },
      {
        "model": "enterprise linux ws",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "3"
      },
      {
        "model": "desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "3.0"
      },
      {
        "model": "linux sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "4.0"
      },
      {
        "model": "communication manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "2.0"
      },
      {
        "model": "linux enterprise sdk",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "9"
      },
      {
        "model": "secure linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "trustix",
        "version": "3.0.5"
      },
      {
        "model": "linux hppa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "4.0"
      },
      {
        "model": "cms server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "12.0"
      },
      {
        "model": "enterprise linux desktop workstation client",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "5"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "10.0x86-64"
      },
      {
        "model": "linux enterprise sdk",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "10"
      },
      {
        "model": "freetype",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freetype",
        "version": "2.2"
      },
      {
        "model": "safari beta for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.0.3"
      },
      {
        "model": "linux ia-32",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "3.1"
      },
      {
        "model": "solaris 9 x86",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "linux mipsel",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "3.1"
      },
      {
        "model": "linux mips",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "3.1"
      },
      {
        "model": "cms server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "9.0"
      },
      {
        "model": "corporate server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "3.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "10.1x86-64"
      },
      {
        "model": "suse linux openexchange server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "4.0"
      },
      {
        "model": "linux professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "10.2x8664"
      },
      {
        "model": "messaging storage server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "1.0"
      },
      {
        "model": "linux enterprise server for s/390",
        "scope": null,
        "trust": 0.3,
        "vendor": "s u s e",
        "version": null
      },
      {
        "model": "interactive response",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "2.0"
      },
      {
        "model": "server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "turbolinux",
        "version": "10.0.0x64"
      },
      {
        "model": "linux enterprise server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "9"
      },
      {
        "model": "linux arm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "3.1"
      },
      {
        "model": "linux connectivity server",
        "scope": null,
        "trust": 0.3,
        "vendor": "s u s e",
        "version": null
      },
      {
        "model": "communication manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "2.0.1"
      },
      {
        "model": "enterprise linux es ia64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "2.1"
      },
      {
        "model": "linux ppc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "10.0"
      },
      {
        "model": "enterprise linux as",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "2.1"
      },
      {
        "model": "linux s/390",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "3.1"
      },
      {
        "model": "suse core for",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "9x86"
      },
      {
        "model": "freetype",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freetype",
        "version": "2.0.9"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "23283"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000253"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200704-099"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1352"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:ppc:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:x.org:libxfont:1.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:client:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:client_workstation:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:slackware:slackware_linux:current:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:sparc:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:amd64:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:sparc:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:i386:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:powerpc:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia32:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:i386:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:powerpc:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:sparc:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:amd64:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:rpath:linux:1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:openbsd:openbsd:3.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:openbsd:openbsd:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-1352"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Greg MacManus",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200704-099"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2007-1352",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "SINGLE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 3.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 4.4,
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "LOW",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:A/AC:M/Au:S/C:N/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Adjacent Network",
            "authentication": "Single",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 3.8,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2007-1352",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:A/AC:M/Au:S/C:N/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 3.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 4.4,
            "id": "VHN-24714",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:A/AC:M/AU:S/C:N/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2007-1352",
            "trust": 1.8,
            "value": "LOW"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200704-099",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "VULHUB",
            "id": "VHN-24714",
            "trust": 0.1,
            "value": "LOW"
          },
          {
            "author": "VULMON",
            "id": "CVE-2007-1352",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-24714"
      },
      {
        "db": "VULMON",
        "id": "CVE-2007-1352"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000253"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200704-099"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1352"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow. X.Org and XFree86 of libXfont Used in FontFileInitTable() Functions include fonts.dir An integer overflow vulnerability exists when an excessively long string is specified on the first line of a file.X Denial of service caused by a crash caused by a malicious user who can connect to the server (DoS) State, or X Server execution authority (root) May execute arbitrary code. The \u0027libXfont\u0027 library is prone to multiple local integer-overflow vulnerabilities because it fails to adequately bounds-check user-supplied data. \nAn attacker can exploit these vulnerabilities to execute arbitrary code with superuser privileges. Failed exploit attempts will likely cause denial-of-service conditions. \nThese issues affect libXfont 1.2.2; other versions may also be vulnerable. X.Org is an official reference implementation of the X Window System operated by the X.Org Foundation. X.Org\u0027s LibXFont library has an integer overflow when parsing BDF fonts, allowing attackers to cause heap overflow through specially crafted BDF fonts. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 200705-10\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n  Severity: High\n     Title: LibXfont, TightVNC: Multiple vulnerabilities\n      Date: May 08, 2007\n      Bugs: #172575, #174200\n        ID: 200705-10\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been reported in libXfont and TightVNC,\nallowing for the execution of arbitrary code with root privileges. \n\nBackground\n==========\n\nLibXfont is the X.Org font library. TightVNC is a VNC client/server for\nX displays. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package            /  Vulnerable  /                    Unaffected\n    -------------------------------------------------------------------\n  1  net-misc/tightvnc     \u003c 1.2.9-r4                      \u003e= 1.2.9-r4\n  2  x11-libs/libXfont     \u003c 1.2.7-r1                      \u003e= 1.2.7-r1\n    -------------------------------------------------------------------\n     2 affected packages on all of their supported architectures. \n    -------------------------------------------------------------------\n\nDescription\n===========\n\nThe libXfont code is prone to several integer overflows, in functions\nProcXCMiscGetXIDList(), bdfReadCharacters() and FontFileInitTable(). \nTightVNC contains a local copy of this code and is also affected. \n\nImpact\n======\n\nA local attacker could use a specially crafted BDF Font to gain root\nprivileges on the vulnerable host. \n\nResolution\n==========\n\nAll libXfont users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask --oneshot --verbose \"\u003e=x11-libs/libXfont-1.2.7-r1\"\n\nAll TightVNC users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask --oneshot --verbose \"\u003e=net-misc/tightvnc-1.2.9-r4\"\n\nReferences\n==========\n\n  [ 1 ] CVE-2007-1003\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1003\n  [ 2 ] CVE-2007-1351\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351\n  [ 3 ] CVE-2007-1352\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1352\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n  http://security.gentoo.org/glsa/glsa-200705-10.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2007 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n \n The vulnerability exists in the ProcXCMiscGetXIDList() function in the\n XC-MISC extension. This request is used to determine what resource IDs\n are available for use. This function contains two vulnerabilities,\n both result in memory corruption of either the stack or heap. The\n ALLOCATE_LOCAL() macro used by this function allocates memory on the\n stack using alloca() on systems where alloca() is present, or using\n the heap otherwise. The handler function takes a user provided value,\n multiplies it, and then passes it to the above macro. This results in\n both an integer overflow vulnerability, and an alloca() stack pointer\n shifting vulnerability. (CVE-2007-1003)\n \n iDefense reported two integer overflows in the way X.org handled\n various font files. (CVE-2007-1351, CVE-2007-1352)\n \n TightVNC uses some of the same code base as Xorg, and has the same\n vulnerable code. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1003\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1352\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.1:\n 9c14a56106984cd16780a1fd7e9c7beb  2007.1/i586/tightvnc-1.2.9-16.1mdv2007.1.i586.rpm\n 8aa3673bc8843dae12d9f18c4226214e  2007.1/i586/tightvnc-doc-1.2.9-16.1mdv2007.1.i586.rpm\n d78d10a879bc1b1c461f75b815dcd656  2007.1/i586/tightvnc-server-1.2.9-16.1mdv2007.1.i586.rpm \n 59e94b523bc078f3997f689dae0e22b5  2007.1/SRPMS/tightvnc-1.2.9-16.1mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 26e585c8ba950720c17ea4ce1373c05c  2007.1/x86_64/tightvnc-1.2.9-16.1mdv2007.1.x86_64.rpm\n 6f031ef92c5bec87488bba5861f0d41e  2007.1/x86_64/tightvnc-doc-1.2.9-16.1mdv2007.1.x86_64.rpm\n 205e13d0c46dc25bfa39c7dcfafe6dcb  2007.1/x86_64/tightvnc-server-1.2.9-16.1mdv2007.1.x86_64.rpm \n 59e94b523bc078f3997f689dae0e22b5  2007.1/SRPMS/tightvnc-1.2.9-16.1mdv2007.1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n----------------------------------------------------------------------\n\nSecunia is proud to announce the availability of the Secunia Software\nInspector. \n\nThe Secunia Software Inspector is a free service that detects insecure\nversions of software that you may have installed in your system. When\ninsecure versions are detected, the Secunia Software Inspector also\nprovides thorough guidelines for updating the software to the latest\nsecure version from the vendor. \n\nTry it out online:\nhttp://secunia.com/software_inspector/\n\n----------------------------------------------------------------------\n\nTITLE:\nLinux-PAM Login Bypass Security Vulnerability\n\nSECUNIA ADVISORY ID:\nSA23858\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/23858/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nSecurity Bypass\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nLinux-PAM 0.x\nhttp://secunia.com/product/1701/\n\nDESCRIPTION:\nA vulnerability has been reported in Linux-PAM, which can be\nexploited by malicious people to bypass certain security\nrestrictions. This can be exploited to login with any\ngiven password if the hash in the passwd file is \"!!\" or similar. \n\nSOLUTION:\nUpdate to version 0.99.7.1. \n\nPROVIDED AND/OR DISCOVERED BY:\nBernardo Innocenti\n\nORIGINAL ADVISORY:\nhttps://www.redhat.com/archives/pam-list/2007-January/msg00017.html\nhttp://www.redhat.com/archives/fedora-devel-list/2007-January/msg01277.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Multiple Vendor X Server fonts.dir File Parsing Integer Overflow\nVulnerability\n\niDefense Security Advisory 04.03.07\nhttp://labs.idefense.com/intelligence/vulnerabilities/\nApr 03, 2007\n\nI. BACKGROUND\n\nThe X Window System (or X11) is a graphical windowing system used on\nUnix-like systems. It is based on a client/server model. More\ninformation about about The X Window system is available at the\nfollowing URL. \n\nhttp://en.wikipedia.org/wiki/X_Window_System\n\nII. DESCRIPTION\n\nLocal exploitation of an integer overflow vulnerability in multiple\nvendors\u0027 implementations of the X Window System font information file\nparsing component could allow execution of arbitrary commands with\nelevated privileges. \n\nThe vulnerability specifically exists in the parsing of the \"fonts.dir\"\nfont information file. When the element count on the first line of the\nfile specifies it contains more than 1,073,741,824 (2 to the power of\n30) elements, a potentially exploitable heap overflow condition occurs. \n\nIII. \n\nAs the X11 server requires direct access to video hardware, it runs with\nelevated privileges. A user compromising an X server would gain those\npermissions. \n\nIn order to exploit this vulnerability, an attacker would need to be\nable to cause the X server to use a maliciously constructed font. The\nX11 server contains multiple methods for a user to define additional\npaths to look for fonts. An exploit has been developed using the \"-fp\"\ncommand line option to the X11 server to pass the location of the\nattack to the server. It is also possible to use \"xset\" command with\nthe \"fp\" option to perform an attack on an already running server. \n\nSome distributions allow users to start the X11 server only if they are\nlogged on at the console, while others will allow any user to start it. \n\nAttempts at exploiting this vulnerability may put the console into an\nunusable state. This will not prevent repeated exploitation attempts. \n\nIV. DETECTION\n\niDefense has confirmed the existence of this vulnerability in X.Org\nX11R7.1. \n\nV. WORKAROUND\n\niDefense is currently unaware of any effective workaround for this\nissue. \n\nVI. VENDOR RESPONSE\n\nThe X.Org Foundation has addressed this vulnerability with source code\npatches. More information can be found from their advisory at the\nfollowing URL. \n\nhttp://lists.freedesktop.org/archives/xorg-announce/2007-april/0286.html\n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nname CVE-2007-1352 to this issue. This is a candidate for inclusion in\nthe CVE list (http://cve.mitre.org/), which standardizes names for\nsecurity problems. \n\nVIII. DISCLOSURE TIMELINE\n\n02/21/2007  Initial vendor notification\n02/21/2007  Initial vendor response\n04/03/2007  Coordinated public disclosure\n\nIX. CREDIT\n\nThis vulnerability was discovered by Greg MacManus of iDefense Labs. \n\nGet paid for vulnerability research\nhttp://labs.idefense.com/methodology/vulnerability/vcp.php\n\nFree tools, research and upcoming events\nhttp://labs.idefense.com/\n\nX. LEGAL NOTICES\n\nCopyright \\xa9 2007 iDefense, Inc. \n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDefense. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically,\nplease e-mail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \n There are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct,\nindirect, or consequential loss or damage arising from use of, or\nreliance on, this information. =========================================================== \nUbuntu Security Notice USN-448-1             April 03, 2007\nfreetype, libxfont, xorg, xorg-server vulnerabilities\nCVE-2007-1003, CVE-2007-1351, CVE-2007-1352\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 5.10\nUbuntu 6.06 LTS\nUbuntu 6.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 5.10:\n  libfreetype6                             2.1.7-2.4ubuntu1.3\n  libxfont1                                1:0.99.0+cvs.20050909-1.3\n  xserver-xorg-core                        6.8.2-77.3\n\nUbuntu 6.06 LTS:\n  libfreetype6                             2.1.10-1ubuntu2.3\n  libxfont1                                1:1.0.0-0ubuntu3.3\n  xserver-xorg-core                        1:1.0.2-0ubuntu10.6\n\nUbuntu 6.10:\n  libfreetype6                             2.2.1-5ubuntu0.1\n  libxfont1                                1:1.2.0-0ubuntu3.1\n  xserver-xorg-core                        1:1.1.1-0ubuntu12.2\n\nAfter a standard system upgrade you need to reboot your computer to\neffect the necessary changes. \n\nDetails follow:\n\nSean Larsson of iDefense Labs discovered that the MISC-XC extension of \nXorg did not correctly verify the size of allocated memory. (CVE-2007-1003)\n\nGreg MacManus of iDefense Labs discovered that the BDF font handling \ncode in Xorg and FreeType did not correctly verify the size of allocated \nmemory. \n(CVE-2007-1351, CVE-2007-1352)\n\n\nUpdated packages for Ubuntu 5.10:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7-2.4ubuntu1.3.diff.gz\n      Size/MD5:    57463 b8f6fa3ee48672ceca86bf9625536545\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7-2.4ubuntu1.3.dsc\n      Size/MD5:      695 b4b76f4eb02a68844666cecef2655e87\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7.orig.tar.gz\n      Size/MD5:  1245623 991ff86e88b075ba363e876f4ea58680\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_0.99.0+cvs.20050909-1.3.diff.gz\n      Size/MD5:     7087 fa6f3d6472398c4afe51232508d5bd25\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_0.99.0+cvs.20050909-1.3.dsc\n      Size/MD5:      771 220ed305b077585687ccec6564955b03\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_0.99.0+cvs.20050909.orig.tar.gz\n      Size/MD5:   788911 32b390bd94e4250475702e668b2bf243\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xorg_6.8.2-77.3.diff.gz\n      Size/MD5:  2491611 eaa8cba7cdd69c746d88c0c28fe51c5c\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xorg_6.8.2-77.3.dsc\n      Size/MD5:     3728 9ae8a29c6619763c73ac3c7554615886\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xorg_6.8.2.orig.tar.gz\n      Size/MD5: 49471925 34cba217afe2c547e3a72657a3a27e37\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xbase-clients_6.8.2-77.3_all.deb\n      Size/MD5:    65788 12bad26276ea4cb67cd2ef6959e8dc59\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-data_6.8.2-77.3_all.deb\n      Size/MD5:    72432 2c968bd2d7fcc1f5f7ebbc07193f58a5\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-dev_6.8.2-77.3_all.deb\n      Size/MD5:    65560 073f34a0d879c566823c70a701e40aeb\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs_6.8.2-77.3_all.deb\n      Size/MD5:    92072 af61cbb4688ff1affeed10a82a8660dc\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xorg-common_6.8.2-77.3_all.deb\n      Size/MD5:   715620 e4f2e86619a5f21ed660eca3f03897e3\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xutils_6.8.2-77.3_all.deb\n      Size/MD5:    65536 e1edff49971cdb0872f71941f37950b3\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.3_amd64.deb\n      Size/MD5:    75540 9be3f1b17f6ca112f2907b69d1e87ffa\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.3_amd64.deb\n      Size/MD5:   722918 748a13b1cfbdf910d89f435a822d0546\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.3_amd64.udeb\n      Size/MD5:   241784 bc3519b183a983495121373cd78c9456\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.3_amd64.deb\n      Size/MD5:   392948 d6f2e48fe489ca394fad153c07400d14\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_0.99.0+cvs.20050909-1.3_amd64.deb\n      Size/MD5:   297970 157c10e1e0db8aced07b462777318da5\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_0.99.0+cvs.20050909-1.3_amd64.deb\n      Size/MD5:   377708 bfc5fba5bc6305a66dc0836712e7a91b\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_0.99.0+cvs.20050909-1.3_amd64.deb\n      Size/MD5:   243588 f275099ce971aa990f3d28e0d7aea5f3\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-core_6.8.2-77.3_amd64.deb\n      Size/MD5:    65746 e85a37b8b5ca3e0150961324914dd38a\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-dev_6.8.2-77.3_amd64.deb\n      Size/MD5:    65774 dd5d197fe97c558ec418dde967a914a1\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdmx_6.8.2-77.3_amd64.deb\n      Size/MD5:  1029630 40e93609ec560b44558b86cc717d2991\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-dev_6.8.2-77.3_amd64.deb\n      Size/MD5:   117402 35860dfb00719c6fffddb2b4a5747abd\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-pic_6.8.2-77.3_amd64.deb\n      Size/MD5:   113704 24f40fbf5593dd653e72f6c2797516c0\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xnest_6.8.2-77.3_amd64.deb\n      Size/MD5:  1526642 e357f9979668602743c2596992abee80\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-common_6.8.2-77.3_amd64.deb\n      Size/MD5:   123324 d10670b3b2a2ae50b816062e004d1b7f\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-core_6.8.2-77.3_amd64.deb\n      Size/MD5:  3993068 d361ba44f7464198b2d990dd2f939ff3\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-dbg_6.8.2-77.3_amd64.deb\n      Size/MD5:  4773852 f644788b79b0d0a6deb0bb3e27743416\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-apm_6.8.2-77.3_amd64.deb\n      Size/MD5:   126370 521f72819330e496e89a253021cf5215\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ark_6.8.2-77.3_amd64.deb\n      Size/MD5:    73882 3ebb4a5f56625e7b78d9e536072bc763\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ati_6.8.2-77.3_amd64.deb\n      Size/MD5:   324240 e01da75bc223cdd1b8699b19291334d6\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-chips_6.8.2-77.3_amd64.deb\n      Size/MD5:   152244 43f0e543b835068278f56c60690769bf\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cirrus_6.8.2-77.3_amd64.deb\n      Size/MD5:   101702 9ebbefa73e1c3194b6c04269fdb292d8\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cyrix_6.8.2-77.3_amd64.deb\n      Size/MD5:    81032 5d524764bb1c2bd8b918ed563b68886e\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-dummy_6.8.2-77.3_amd64.deb\n      Size/MD5:    70664 2db770e3cc6802174762f55c99ffd1b4\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-fbdev_6.8.2-77.3_amd64.deb\n      Size/MD5:    74290 49d5ffa068a163464a569a4c8cd662f1\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glint_6.8.2-77.3_amd64.deb\n      Size/MD5:   160244 e59c1b781ec041ac3df2486743ba07cc\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i128_6.8.2-77.3_amd64.deb\n      Size/MD5:    89792 4b5528d20347eb721df443aa14be6084\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i810_6.8.2-77.3_amd64.deb\n      Size/MD5:   168474 a98c9ebf3b71b96066ee96c461e51de1\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-mga_6.8.2-77.3_amd64.deb\n      Size/MD5:   154206 f146cd927b79c7f43fc4afe904fd7028\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-neomagic_6.8.2-77.3_amd64.deb\n      Size/MD5:    99620 45382b9464fc7c21021ca81f7601977a\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nv_6.8.2-77.3_amd64.deb\n      Size/MD5:   131230 d73416650296039e0d59d2a2b75f2d8e\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-rendition_6.8.2-77.3_amd64.deb\n      Size/MD5:    90240 5af0c68193b4349fbcd239ec482ed2ab\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3_6.8.2-77.3_amd64.deb\n      Size/MD5:    91726 cb82c871f03ffb6e968bea210a6af75d\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3virge_6.8.2-77.3_amd64.deb\n      Size/MD5:   104188 eb7e8e83da3cf9b4e7c65ed24b92a2e0\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-savage_6.8.2-77.3_amd64.deb\n      Size/MD5:   107776 31c8cc09a6a9241c91d2c03975287842\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-siliconmotion_6.8.2-77.3_amd64.deb\n      Size/MD5:   105300 e06379b5530410c398c23d24e4a2682d\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sis_6.8.2-77.3_amd64.deb\n      Size/MD5:   340896 0114deb2e7cea78860e08ada6fc9d3d9\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tdfx_6.8.2-77.3_amd64.deb\n      Size/MD5:    99038 bd5c774e186120d851799de0d060ef3f\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tga_6.8.2-77.3_amd64.deb\n      Size/MD5:    88846 e611135fac9da5e514defd35fadd8025\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-trident_6.8.2-77.3_amd64.deb\n      Size/MD5:   132244 aab798cb57d644b327fe6a7bb5c51637\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tseng_6.8.2-77.3_amd64.deb\n      Size/MD5:    96404 3ee874ea69eefd45491d6ca56830f307\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-v4l_6.8.2-77.3_amd64.deb\n      Size/MD5:    73392 6d5439acff5d2098ca6741cfb8ef6a00\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vesa_6.8.2-77.3_amd64.deb\n      Size/MD5:    77434 6e8e03907c375a01588e05d5e1b18b23\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vga_6.8.2-77.3_amd64.deb\n      Size/MD5:    75352 b12939451111e63dd0917362e42ec4cf\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-acecad_6.8.2-77.3_amd64.deb\n      Size/MD5:    70676 730768c822fa4c806bab0459866971aa\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-aiptek_6.8.2-77.3_amd64.deb\n      Size/MD5:    80550 184a471135082d501936061092fb607f\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-calcomp_6.8.2-77.3_amd64.deb\n      Size/MD5:    70248 656d22076f2b45ded25f4d2f08d8801a\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-citron_6.8.2-77.3_amd64.deb\n      Size/MD5:    90044 676d14ebebf88b4e12114b08b169003c\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-digitaledge_6.8.2-77.3_amd64.deb\n      Size/MD5:    71032 fd5b286d4122018630fe6afec181edb6\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dmc_6.8.2-77.3_amd64.deb\n      Size/MD5:    70166 f1c622c52ee792548953adce5f372a2d\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dynapro_6.8.2-77.3_amd64.deb\n      Size/MD5:    69772 099498b9bb81379b15f5c24741a2befc\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-elographics_6.8.2-77.3_amd64.deb\n      Size/MD5:    73234 3410e093a87090fcf4ca0134c7f00ab3\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-fpit_6.8.2-77.3_amd64.deb\n      Size/MD5:    70778 b37384a5c58b046fef89f487ff49f5a0\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-hyperpen_6.8.2-77.3_amd64.deb\n      Size/MD5:    72940 b873ef7a14637241aacfbce9951b60da\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-kbd_6.8.2-77.3_amd64.deb\n      Size/MD5:    74632 79a5026db158fb123ff54af1e35d501d\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-magellan_6.8.2-77.3_amd64.deb\n      Size/MD5:    69366 8f0c8b39e5f88d657a8c038aae1305eb\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-microtouch_6.8.2-77.3_amd64.deb\n      Size/MD5:    72022 0dd20d44c7f77c47c3dd3f7a3353b894\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mouse_6.8.2-77.3_amd64.deb\n      Size/MD5:    98390 2c172d033b5252846ceeee40990d0a16\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mutouch_6.8.2-77.3_amd64.deb\n      Size/MD5:    73580 3d3b88bf32deff96a074b58a30a0cbee\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-palmax_6.8.2-77.3_amd64.deb\n      Size/MD5:    71608 db4f436ea8ad1ecf12698014afca127f\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-penmount_6.8.2-77.3_amd64.deb\n      Size/MD5:    70346 ca124fdfda754fcd9a91adb46d62a84e\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-spaceorb_6.8.2-77.3_amd64.deb\n      Size/MD5:    69124 ac4fa56df52b175d81769cc20caf3777\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-summa_6.8.2-77.3_amd64.deb\n      Size/MD5:    72888 c1279a890e388b9cdb7e8e79c6e6cafb\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-tek4957_6.8.2-77.3_amd64.deb\n      Size/MD5:    70860 c17d207b3d04bd35ad5afa7ba56597e7\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-void_6.8.2-77.3_amd64.deb\n      Size/MD5:    67680 77d2e92de46a38a197f62355e45a84ee\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-wacom_6.8.2-77.3_amd64.deb\n      Size/MD5:   101040 b66ac048fc5858c86e9dc079c79f8b38\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg_6.8.2-77.3_amd64.deb\n      Size/MD5:   274146 40e3014ce80f6be8852fa043105bab70\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xvfb_6.8.2-77.3_amd64.deb\n      Size/MD5:  1640494 bf0c8235665a11c099cd227ad2b3a60b\n\n  i386 architecture (x86 compatible Intel/AMD)\n\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.3_i386.deb\n      Size/MD5:    52860 8f9822785a4d4feeb120b7ef6d874709\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.3_i386.deb\n      Size/MD5:   686404 46b3001cdee7cd73141461033f8f4482\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.3_i386.udeb\n      Size/MD5:   209260 17f5df161bde9954b46051ef2e989159\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.3_i386.deb\n      Size/MD5:   361112 e8d31f9d89c442a5834144b374b49a54\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_0.99.0+cvs.20050909-1.3_i386.deb\n      Size/MD5:   275968 4d5e4d8c032a149c09033a3f4d078faa\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_0.99.0+cvs.20050909-1.3_i386.deb\n      Size/MD5:   321688 f7e708a09b31924830357d10ad2fec40\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_0.99.0+cvs.20050909-1.3_i386.deb\n      Size/MD5:   217758 a18b74fa709fa38ba055e8e4b820a09c\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-core_6.8.2-77.3_i386.deb\n      Size/MD5:    65750 86dfe78dfa09f1d7a52d646fb10401cf\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-dev_6.8.2-77.3_i386.deb\n      Size/MD5:    65778 5dbe48fb74851b2c6e85cd143560884a\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdmx_6.8.2-77.3_i386.deb\n      Size/MD5:   880068 69e876557cbb97c0b51a2574f2ab4a2a\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-dev_6.8.2-77.3_i386.deb\n      Size/MD5:   111442 5fb72b1e75b0a6e8a528940045233288\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-pic_6.8.2-77.3_i386.deb\n      Size/MD5:   107366 88bf57b6009f6e5e1b74543933d90952\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xnest_6.8.2-77.3_i386.deb\n      Size/MD5:  1282444 a1616fca7bbd45734eeac5dbadd4ddca\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-common_6.8.2-77.3_i386.deb\n      Size/MD5:   122984 46402235fcb4c943f421d0081767c228\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-core_6.8.2-77.3_i386.deb\n      Size/MD5:  3393114 cf2287d566a90325bdf5d37d0d772c9f\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-dbg_6.8.2-77.3_i386.deb\n      Size/MD5: 21046384 e74d9ad7ebea1118a0991b54de50b21b\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-apm_6.8.2-77.3_i386.deb\n      Size/MD5:   122974 a2d63f1a30e2e8778d3737d334224e44\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ark_6.8.2-77.3_i386.deb\n      Size/MD5:    72406 c79fce80a122bcb69cb8aa2840027183\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ati_6.8.2-77.3_i386.deb\n      Size/MD5:   300354 be69393fd4c49073fc291d4382682af6\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-chips_6.8.2-77.3_i386.deb\n      Size/MD5:   147054 13477206d327d76ed6cc6760081b6a0d\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cirrus_6.8.2-77.3_i386.deb\n      Size/MD5:    94812 6dbbfc2081ce19bd705e65a76c370b18\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cyrix_6.8.2-77.3_i386.deb\n      Size/MD5:    79216 96e108be36d7e96d1d7c61c55d2eada5\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-dummy_6.8.2-77.3_i386.deb\n      Size/MD5:    69808 919b659eacec53b4612e0fac956adca7\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-fbdev_6.8.2-77.3_i386.deb\n      Size/MD5:    73250 78bb84280077b3aba53beded9161a244\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glide_6.8.2-77.3_i386.deb\n      Size/MD5:    74914 040afc6608d22fee2eae20ba8b0e840b\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glint_6.8.2-77.3_i386.deb\n      Size/MD5:   159892 2780f991c85e2be15dda1635f8c98b11\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i128_6.8.2-77.3_i386.deb\n      Size/MD5:    87476 f4505c09091c8d4e49b3bbb345340e2e\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i740_6.8.2-77.3_i386.deb\n      Size/MD5:    86544 d08ed7ba7921a6341be43b1b597c7c01\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i810_6.8.2-77.3_i386.deb\n      Size/MD5:   158570 b6a1db2cde816a16be29d2aeb627ebee\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-imstt_6.8.2-77.3_i386.deb\n      Size/MD5:    73262 07d1fa25882621bad5be61b318fd3a66\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-mga_6.8.2-77.3_i386.deb\n      Size/MD5:   143748 8868549c96ba8150954a69cbf3730801\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-neomagic_6.8.2-77.3_i386.deb\n      Size/MD5:    95818 b3b86c3fdce299e35aba1f8189fe5005\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-newport_6.8.2-77.3_i386.deb\n      Size/MD5:    74236 e55cf778b3b0f1d43604722bdd8689b2\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nsc_6.8.2-77.3_i386.deb\n      Size/MD5:   160514 2ececee8091f44f6dd61de03d9ddf77e\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nv_6.8.2-77.3_i386.deb\n      Size/MD5:   123050 8e43b21c9dce1af5e5b88f24b8239952\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-rendition_6.8.2-77.3_i386.deb\n      Size/MD5:    87578 52ec26ae5b375ef892d6a86f180577db\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3_6.8.2-77.3_i386.deb\n      Size/MD5:    88736 1538d94d86c0603bde8c1f8504121c8f\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3virge_6.8.2-77.3_i386.deb\n      Size/MD5:   100086 c31e59302ae59a2b4eeb015050922b41\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-savage_6.8.2-77.3_i386.deb\n      Size/MD5:   102452 f1eec9b8382457b89406d69b526ad11e\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-siliconmotion_6.8.2-77.3_i386.deb\n      Size/MD5:   102018 fe04cd8d4a6e461491add407142d3ff8\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sis_6.8.2-77.3_i386.deb\n      Size/MD5:   320680 c7a5363feaea7213a73835fb53a023dd\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tdfx_6.8.2-77.3_i386.deb\n      Size/MD5:    94190 4b8e7c65cc416de4a6d4691250776493\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tga_6.8.2-77.3_i386.deb\n      Size/MD5:    86104 94013a70b7734e0f4205e723093f71a0\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-trident_6.8.2-77.3_i386.deb\n      Size/MD5:   125852 2352b91c3e6f9de7f5e5d63efdb22c82\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tseng_6.8.2-77.3_i386.deb\n      Size/MD5:    93760 809003f68c722bd4cfae1a197fc5f652\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-v4l_6.8.2-77.3_i386.deb\n      Size/MD5:    72098 5651248f206d8b9987370ebbd24531ab\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vesa_6.8.2-77.3_i386.deb\n      Size/MD5:    75834 e41fa0b5de64e33a4c38c15f947cbb37\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vga_6.8.2-77.3_i386.deb\n      Size/MD5:    74320 9f80f3d04c9ffd9f5a505847a7fbbc4e\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-via_6.8.2-77.3_i386.deb\n      Size/MD5:   138682 7e1c4877500e1dca3a735dd2f33d3193\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vmware_6.8.2-77.3_i386.deb\n      Size/MD5:    81378 ea3a2925ac33d30af17a184c1160ab34\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-acecad_6.8.2-77.3_i386.deb\n      Size/MD5:    70188 dbba5b087d2dd682d7df359c6ecf7aaa\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-aiptek_6.8.2-77.3_i386.deb\n      Size/MD5:    79394 52f292de69593f4126072df958002b5d\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-calcomp_6.8.2-77.3_i386.deb\n      Size/MD5:    69716 edd13af3e98d5f70248479424f7597c2\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-citron_6.8.2-77.3_i386.deb\n      Size/MD5:    87794 c6c08212db44d8cf26e0884a04c2d9b9\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-digitaledge_6.8.2-77.3_i386.deb\n      Size/MD5:    70516 a91e7e0beab053a8ff753050c2f15b35\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dmc_6.8.2-77.3_i386.deb\n      Size/MD5:    69564 618499e29d79c7bc8f11ffa925c09b75\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dynapro_6.8.2-77.3_i386.deb\n      Size/MD5:    69266 f457352b4675b27b7d40337cbe0a2695\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-elographics_6.8.2-77.3_i386.deb\n      Size/MD5:    71954 153e6af112f360033a37aeb4670c14cc\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-fpit_6.8.2-77.3_i386.deb\n      Size/MD5:    70338 c01097e2eb0a2a3abc95a3dfa0247327\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-hyperpen_6.8.2-77.3_i386.deb\n      Size/MD5:    71888 2f84d4568562561ef3498c9791ccab7f\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-kbd_6.8.2-77.3_i386.deb\n      Size/MD5:    73402 7e0ab015ba49f103afb96c7211ce5755\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-magellan_6.8.2-77.3_i386.deb\n      Size/MD5:    68822 4f17e665de66a9940ff3c6722fb08198\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-microtouch_6.8.2-77.3_i386.deb\n      Size/MD5:    71282 ac55322bb00e6c33b1f764e47a2896e2\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mouse_6.8.2-77.3_i386.deb\n      Size/MD5:    96556 c3fce835be42eb0c31d03056fac32376\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mutouch_6.8.2-77.3_i386.deb\n      Size/MD5:    72546 05232e76ad9b9dc93d3db86c423d1b7c\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-palmax_6.8.2-77.3_i386.deb\n      Size/MD5:    71022 4fd42ec380a437249a026bedc2e44cfe\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-penmount_6.8.2-77.3_i386.deb\n      Size/MD5:    69748 7f95915c766d8f5486b6ee4af5f824ca\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-spaceorb_6.8.2-77.3_i386.deb\n      Size/MD5:    68636 6e64a58144fd2364f5a27cacadc668a4\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-summa_6.8.2-77.3_i386.deb\n      Size/MD5:    71956 f9a757c36bec95a75413995401d7fec8\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-tek4957_6.8.2-77.3_i386.deb\n      Size/MD5:    70302 2ec147acfc14c068896185d2dd01887a\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-void_6.8.2-77.3_i386.deb\n      Size/MD5:    67446 ca456ab89714cb807ab26dfa676578b2\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-wacom_6.8.2-77.3_i386.deb\n      Size/MD5:    96986 2799f489d096d23cc91037d7705f7abd\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg_6.8.2-77.3_i386.deb\n      Size/MD5:   274176 ea1d2fc5b60b7754d47ada4cbbe7a612\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xvfb_6.8.2-77.3_i386.deb\n      Size/MD5:  1383664 7fca88ca86e1d9545c0a5a7ed877f2cf\n\n  powerpc architecture (Apple Macintosh G3/G4/G5)\n\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.3_powerpc.deb\n      Size/MD5:    80654 12c06589e94a6d6da139a27d5bd48b4c\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.3_powerpc.deb\n      Size/MD5:   729308 9c85d5592d0f162884bc52bc82e09457\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.3_powerpc.udeb\n      Size/MD5:   230642 65a12121f60f8096bea04955e30ae42a\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.3_powerpc.deb\n      Size/MD5:   382478 7b1ac5f12fdba3482ad3251c3c24bef3\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_0.99.0+cvs.20050909-1.3_powerpc.deb\n      Size/MD5:   286022 d37d7708a0341cd63c1390fb0ff387a9\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_0.99.0+cvs.20050909-1.3_powerpc.deb\n      Size/MD5:   373114 ed63b7e61d8a65f90cd8c3599d0c96a6\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_0.99.0+cvs.20050909-1.3_powerpc.deb\n      Size/MD5:   237726 289174b8732579cc6b38f50f6398525e\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-core_6.8.2-77.3_powerpc.deb\n      Size/MD5:    65746 c5de437f4027dec1acb8640bf14c4ccf\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-dev_6.8.2-77.3_powerpc.deb\n      Size/MD5:    65774 9d5e6b227f9799035e83f10ffa1f4cbe\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdmx_6.8.2-77.3_powerpc.deb\n      Size/MD5:  1006498 218159bdb9b8b250ef184881db5364e6\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-dev_6.8.2-77.3_powerpc.deb\n      Size/MD5:   114636 384d4379cf21cc360da3f74252dc6e48\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-pic_6.8.2-77.3_powerpc.deb\n      Size/MD5:   110580 054183b9a9c8a86fefac3017592eeb3f\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xnest_6.8.2-77.3_powerpc.deb\n      Size/MD5:  1477044 d49494dfeb3fbb06cc60ac2397b104b4\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-common_6.8.2-77.3_powerpc.deb\n      Size/MD5:   123370 5084044b08a994ade1e05ca769fbfeab\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-core_6.8.2-77.3_powerpc.deb\n      Size/MD5:  4153716 d136a45467ed83aa7c9be079d38bbea1\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-dbg_6.8.2-77.3_powerpc.deb\n      Size/MD5: 17841844 cc6a10b4f49e0a3dc197f4b4a25be310\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ati_6.8.2-77.3_powerpc.deb\n      Size/MD5:   316180 8da85e525823bd09bc3648d5f642baad\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-chips_6.8.2-77.3_powerpc.deb\n      Size/MD5:   158800 f6957aec1dfb811624d4223b3b8792c3\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-fbdev_6.8.2-77.3_powerpc.deb\n      Size/MD5:    74910 886ebb1cc261a13774fb37442f67b04b\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glint_6.8.2-77.3_powerpc.deb\n      Size/MD5:   177164 4df697145e0bc9e405269f370c098ad3\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-imstt_6.8.2-77.3_powerpc.deb\n      Size/MD5:    74766 af48765f0b61b699ef013e7fb91d0563\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-mga_6.8.2-77.3_powerpc.deb\n      Size/MD5:   154718 49e8c9067f4196f735100fdb88abf241\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nv_6.8.2-77.3_powerpc.deb\n      Size/MD5:   133938 1f37af997b732cce638c2f442ac32c27\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3_6.8.2-77.3_powerpc.deb\n      Size/MD5:    98722 fd531207bb51ee7557839113134c03de\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3virge_6.8.2-77.3_powerpc.deb\n      Size/MD5:   107536 eb327385a5f0410f9a1180d7c6808903\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-savage_6.8.2-77.3_powerpc.deb\n      Size/MD5:   110162 a70cd8531c61382bcc07b92a34202bed\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sis_6.8.2-77.3_powerpc.deb\n      Size/MD5:   368234 fde514af99dfabf48ab685c95a95249b\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tdfx_6.8.2-77.3_powerpc.deb\n      Size/MD5:   100614 d6dabc2023c08f6379f0fb98d3c076b3\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-trident_6.8.2-77.3_powerpc.deb\n      Size/MD5:   142422 42f616549b5dac01f66403b64d5c5e5c\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-v4l_6.8.2-77.3_powerpc.deb\n      Size/MD5:    74212 d6d45dde725417a9a4b014c65a41cb12\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vga_6.8.2-77.3_powerpc.deb\n      Size/MD5:    76358 450f581f1d862d20f67f0054ea46cc66\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-acecad_6.8.2-77.3_powerpc.deb\n      Size/MD5:    70846 9b2d0fa88f4fa0edacffdef2ee62901a\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-aiptek_6.8.2-77.3_powerpc.deb\n      Size/MD5:    82626 b4af3fee8db47771e9325f634119c6b4\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-calcomp_6.8.2-77.3_powerpc.deb\n      Size/MD5:    70766 2f945c77af13fed6788bdabc71c312ce\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-citron_6.8.2-77.3_powerpc.deb\n      Size/MD5:    93244 e8dee7a2b70acb94d51c7cd1c1e97b9c\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-digitaledge_6.8.2-77.3_powerpc.deb\n      Size/MD5:    71734 e73893cfe3b9d5b693569c2382905cf1\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dmc_6.8.2-77.3_powerpc.deb\n      Size/MD5:    70374 7082960291a9bb88d003eeeb4285358b\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dynapro_6.8.2-77.3_powerpc.deb\n      Size/MD5:    69938 d7113c27bbd386c14ff9a2b712c51342\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-elographics_6.8.2-77.3_powerpc.deb\n      Size/MD5:    74028 4bd41187c68fa51fb0adced0ccaad0ac\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-fpit_6.8.2-77.3_powerpc.deb\n      Size/MD5:    70956 a0f37dfd435cba240a1d3a35f27841aa\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-hyperpen_6.8.2-77.3_powerpc.deb\n      Size/MD5:    74336 41cacbfcdc99b42b0264d82a7578a8ec\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-kbd_6.8.2-77.3_powerpc.deb\n      Size/MD5:    74960 52611ed1fc10530d4ab44fd16577bce1\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-magellan_6.8.2-77.3_powerpc.deb\n      Size/MD5:    69550 22c49ab9f187bdca55a0fbb83857ce25\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-microtouch_6.8.2-77.3_powerpc.deb\n      Size/MD5:    72498 44c3195bdcf64c2c5cf8504f6089e619\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mouse_6.8.2-77.3_powerpc.deb\n      Size/MD5:    99586 ac9781c897e4dc052af9c9c80a4853db\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mutouch_6.8.2-77.3_powerpc.deb\n      Size/MD5:    74312 6d10ae854f4e4a3c5f137950e307db5f\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-palmax_6.8.2-77.3_powerpc.deb\n      Size/MD5:    71850 80b3b7bd7b567be9d5dd896e8613ec16\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-penmount_6.8.2-77.3_powerpc.deb\n      Size/MD5:    70548 37d1b7c034b9f792608d3e6dd2a867d1\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-spaceorb_6.8.2-77.3_powerpc.deb\n      Size/MD5:    69216 7ee83181573ac45a56f2a4fb044a5e6f\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-summa_6.8.2-77.3_powerpc.deb\n      Size/MD5:    74222 a0f33d1df407af5b5a6c51a5882a9e60\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-tek4957_6.8.2-77.3_powerpc.deb\n      Size/MD5:    71126 9140e6af3e6ad35bd68a5f5968399b0b\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-void_6.8.2-77.3_powerpc.deb\n      Size/MD5:    67622 d3f49e28e34a285865f8870b3eeb8aae\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-wacom_6.8.2-77.3_powerpc.deb\n      Size/MD5:   106738 88fbfbd6e6ad9f5336552ec2e50ec9a1\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg_6.8.2-77.3_powerpc.deb\n      Size/MD5:   274024 93076262a05833b4807e98699103d946\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xvfb_6.8.2-77.3_powerpc.deb\n      Size/MD5:  1590104 e71d49333a98a285fe438d08e48ca2e9\n\n  sparc architecture (Sun SPARC/UltraSPARC)\n\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.3_sparc.deb\n      Size/MD5:    68646 bd18602999ade0786089cf0c117a8340\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.3_sparc.deb\n      Size/MD5:   699952 0697ae616e5f96afe661a7a121eaf8ee\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.3_sparc.udeb\n      Size/MD5:   216454 7d29da7d817ac7ff1c6d7914630493ad\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.3_sparc.deb\n      Size/MD5:   367276 9024cd052d0210a8bacdaff20589b06c\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_0.99.0+cvs.20050909-1.3_sparc.deb\n      Size/MD5:   294964 b666356962ef9506da0b76efd05c9908\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_0.99.0+cvs.20050909-1.3_sparc.deb\n      Size/MD5:   324238 7dfef6defc80be665990fcbdd0e08e2e\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_0.99.0+cvs.20050909-1.3_sparc.deb\n      Size/MD5:   232476 dd914e38e4765a07e0980dd6ad5907b8\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-core_6.8.2-77.3_sparc.deb\n      Size/MD5:    65744 69da99ffdd8daf0a439b098b2e284b32\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-dev_6.8.2-77.3_sparc.deb\n      Size/MD5:    65772 de0733e94929d4379e05d3c88a13a285\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdmx_6.8.2-77.3_sparc.deb\n      Size/MD5:   920880 2d70ca5f3de16d1192b1c05d99e21d93\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-dev_6.8.2-77.3_sparc.deb\n      Size/MD5:   112780 bf763538fea32c5f73f85ab86438014b\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-pic_6.8.2-77.3_sparc.deb\n      Size/MD5:   108622 99531cb07cdffc17daf11727bc7e11bf\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xnest_6.8.2-77.3_sparc.deb\n      Size/MD5:  1357838 e4491783b6a9e3d45d19a1ffa086bc81\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-common_6.8.2-77.3_sparc.deb\n      Size/MD5:   123326 32c21b631ab344dd58d27bf7a62c605b\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-core_6.8.2-77.3_sparc.deb\n      Size/MD5:  3746340 8e6087848c828cfc5d72cde99b21242b\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-dbg_6.8.2-77.3_sparc.deb\n      Size/MD5: 19778476 767707fd2df5e224381a33fa872cf19a\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-apm_6.8.2-77.3_sparc.deb\n      Size/MD5:   124424 081cfba509d6784ba22518521c18aa79\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ark_6.8.2-77.3_sparc.deb\n      Size/MD5:    73344 ca0e2f22257a9911dbbe7c9c0f479d57\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ati_6.8.2-77.3_sparc.deb\n      Size/MD5:   302440 861d677e1de334391174481377f437cf\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-chips_6.8.2-77.3_sparc.deb\n      Size/MD5:   152068 643d54a96746678c36f17c3ffd3ab91c\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cirrus_6.8.2-77.3_sparc.deb\n      Size/MD5:    99108 b1a219d38a08ec0a3ca4cecba79a2784\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-dummy_6.8.2-77.3_sparc.deb\n      Size/MD5:    70306 2b541fd5e4f10f05266800b2f977f120\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-fbdev_6.8.2-77.3_sparc.deb\n      Size/MD5:    74052 448582ffd40305e797cf2815c6f9c1a0\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glint_6.8.2-77.3_sparc.deb\n      Size/MD5:   174824 44a2ace41f17b1f0da1c3ff7199de0f0\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i128_6.8.2-77.3_sparc.deb\n      Size/MD5:    90378 e8c95b12f1882e1f9294cb9821dff299\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i740_6.8.2-77.3_sparc.deb\n      Size/MD5:    88784 7069730f8ea7530b607c0ecdedabe693\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-imstt_6.8.2-77.3_sparc.deb\n      Size/MD5:    74196 a67897463a21167d281a29fab9414ecf\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-mga_6.8.2-77.3_sparc.deb\n      Size/MD5:   151636 442a736cb4530a699e4ea844e01763a0\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-neomagic_6.8.2-77.3_sparc.deb\n      Size/MD5:    98780 9b374f040468ddfa4c8559c63e4598e1\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-newport_6.8.2-77.3_sparc.deb\n      Size/MD5:    75054 e41f20599375cef562d50cfd5ea91f22\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nv_6.8.2-77.3_sparc.deb\n      Size/MD5:   130164 7d81597fa246853896dee123c93a3443\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-rendition_6.8.2-77.3_sparc.deb\n      Size/MD5:    89382 0c4f8f40654fdd09e520145ca2e886bd\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3virge_6.8.2-77.3_sparc.deb\n      Size/MD5:   105294 1f6862c1c719219da1b965623774def5\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-savage_6.8.2-77.3_sparc.deb\n      Size/MD5:   107562 634a4e99cee1f7ed5a96fa6d1e5053aa\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-siliconmotion_6.8.2-77.3_sparc.deb\n      Size/MD5:   106838 ca4bcbbcbb250fc4374477ef17dd5dbd\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sunbw2_6.8.2-77.3_sparc.deb\n      Size/MD5:    68678 95aa8f3f675f84b9b445fd5a85c75952\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-suncg14_6.8.2-77.3_sparc.deb\n      Size/MD5:    69252 2d87f35b35295d29bdd76a8172351ac2\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-suncg3_6.8.2-77.3_sparc.deb\n      Size/MD5:    68734 8809dd6543372feddd2a5886f6976776\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-suncg6_6.8.2-77.3_sparc.deb\n      Size/MD5:    69728 1b59fdb3a45e0a569445b34d064d0633\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sunffb_6.8.2-77.3_sparc.deb\n      Size/MD5:   127670 0b38955174a4ed44bd4578c87da66684\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sunleo_6.8.2-77.3_sparc.deb\n      Size/MD5:    81660 117464ff17f748d0c95aa59f89abf250\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-suntcx_6.8.2-77.3_sparc.deb\n      Size/MD5:    70446 e69222c475300674077226d927e4a156\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tdfx_6.8.2-77.3_sparc.deb\n      Size/MD5:    99410 33d1cafe6bf0edca99ba9392966d6ab7\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tga_6.8.2-77.3_sparc.deb\n      Size/MD5:    87728 726ce3e0143dafcd495e3de4a40cf8c0\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-trident_6.8.2-77.3_sparc.deb\n      Size/MD5:   131950 e98574be1b719debd2c4542b199cdfcc\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-v4l_6.8.2-77.3_sparc.deb\n      Size/MD5:    73412 b1d2672fcf4c22e883e9b93ddfe70e1a\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vesa_6.8.2-77.3_sparc.deb\n      Size/MD5:    76710 1254832b3fa89d4cf901bce0bb79c6ba\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vga_6.8.2-77.3_sparc.deb\n      Size/MD5:    75206 36b39c918f6061dd11711972d2025110\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vmware_6.8.2-77.3_sparc.deb\n      Size/MD5:    82618 c65b2958ebcc66702c6db1a24aee3813\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-acecad_6.8.2-77.3_sparc.deb\n      Size/MD5:    70412 26c69d8e78229e07af1aa8176594728d\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-aiptek_6.8.2-77.3_sparc.deb\n      Size/MD5:    80920 710cf56fd1e938d25cd1b0ad6a524a08\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-calcomp_6.8.2-77.3_sparc.deb\n      Size/MD5:    70316 83f3d61a2bed0574b25b2b0afb808ff6\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-citron_6.8.2-77.3_sparc.deb\n      Size/MD5:    91828 01867c3013e5a645d22cd97dc2068e1c\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-digitaledge_6.8.2-77.3_sparc.deb\n      Size/MD5:    71154 447987785afddd40f58871ed82d1d8c7\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dmc_6.8.2-77.3_sparc.deb\n      Size/MD5:    69880 df7253bb410088887e963b4ec185a761\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dynapro_6.8.2-77.3_sparc.deb\n      Size/MD5:    69582 772f0ae3564c523c6f010b9e54b9dbe6\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-elographics_6.8.2-77.3_sparc.deb\n      Size/MD5:    73168 0a6bc07c0a89ed382852a9f22212882f\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-fpit_6.8.2-77.3_sparc.deb\n      Size/MD5:    70622 a647189fd612aad8b9d57ee1d8d29da4\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-hyperpen_6.8.2-77.3_sparc.deb\n      Size/MD5:    73350 e5ca5c4d5c85b8b58a2d966c9cc122a5\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-kbd_6.8.2-77.3_sparc.deb\n      Size/MD5:    74194 2d9b7ab568db94f2fdfbf9208c51f269\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-magellan_6.8.2-77.3_sparc.deb\n      Size/MD5:    69170 bd51f60f99bea164a1655bf99d81080d\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-microtouch_6.8.2-77.3_sparc.deb\n      Size/MD5:    71910 f439b8d1778d01df70f869e04d0f916a\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mouse_6.8.2-77.3_sparc.deb\n      Size/MD5:    97820 daa144c86465f941bad248f7f2011095\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mutouch_6.8.2-77.3_sparc.deb\n      Size/MD5:    73544 67eead253f6f73a4c95cff9ee3fe5e45\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-palmax_6.8.2-77.3_sparc.deb\n      Size/MD5:    71470 462bf1db6bf06a3541c048e978f619e1\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-penmount_6.8.2-77.3_sparc.deb\n      Size/MD5:    70044 56d63787661918acfa11b4c2edf1b363\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-spaceorb_6.8.2-77.3_sparc.deb\n      Size/MD5:    68896 407a96555ef0aca1c0f862756985bcc4\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-summa_6.8.2-77.3_sparc.deb\n      Size/MD5:    73208 c124d986e5ede6f22d2e6e4468ef44da\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-tek4957_6.8.2-77.3_sparc.deb\n      Size/MD5:    70788 139b257d986d1d81abc5df96ff6c07ac\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-void_6.8.2-77.3_sparc.deb\n      Size/MD5:    67526 da4b3fa6d2ea2cd03ff074fae1f99e11\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-wacom_6.8.2-77.3_sparc.deb\n      Size/MD5:   102200 d20486be0bd003c871362662945890ce\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg_6.8.2-77.3_sparc.deb\n      Size/MD5:   274186 2936a9182f8fe998082ea1b094cb4d84\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xvfb_6.8.2-77.3_sparc.deb\n      Size/MD5:  1463574 ed56597df856cf23c99ea94b0df46132\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10-1ubuntu2.3.diff.gz\n      Size/MD5:    59540 862bd1b35276a1f6295ab86afbb0c585\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10-1ubuntu2.3.dsc\n      Size/MD5:      710 e45aa32ea5d21cea1443eef299963ab6\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10.orig.tar.gz\n      Size/MD5:  1323617 adf145ce51196ad1b3054d5fb032efe6\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.0.0-0ubuntu3.3.diff.gz\n      Size/MD5:     7292 53e0bf4639f85be2596ea73128f9786f\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.0.0-0ubuntu3.3.dsc\n      Size/MD5:      743 fb5f2db984b7aa11cc61b95c08908f4e\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.0.0.orig.tar.gz\n      Size/MD5:   816966 29c00c678d4ac9bea8ffe7ba264825d0\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.0.2-0ubuntu10.6.diff.gz\n      Size/MD5:    31362 fb578e86128d4cefd37470d2b1b7a800\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.0.2-0ubuntu10.6.dsc\n      Size/MD5:     1804 b8fa2ff2adefb6457a217c145f0a99ee\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.0.2.orig.tar.gz\n      Size/MD5:  7966941 f44f0f07136791ed7a4028bd0dd5eae3\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.3_amd64.deb\n      Size/MD5:   133862 9849bf94a3c83769fee1c8c40cc5a195\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.3_amd64.deb\n      Size/MD5:   717494 0b0587f17aa8338d68f00f4f6de40cf8\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.3_amd64.udeb\n      Size/MD5:   251748 ea23cce32b15ed7b944ceea15a7c28c4\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.3_amd64.deb\n      Size/MD5:   439876 f4511db24d690e234e2c6157f6f0d86d\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.0.0-0ubuntu3.3_amd64.deb\n      Size/MD5:   302752 cdb9b9f31fc890e1f81b6b84e62e6743\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.0.0-0ubuntu3.3_amd64.deb\n      Size/MD5:   375884 261b8c8db1350e1729a58bf14455f0d2\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.0.0-0ubuntu3.3_amd64.deb\n      Size/MD5:   242806 0d259ee4f74d911e61e8d6c1c3fd45a9\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.0.2-0ubuntu10.6_amd64.deb\n      Size/MD5:    49900 6cd998c1385119c61c656454fcafdc57\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.0.2-0ubuntu10.6_amd64.deb\n      Size/MD5:   848976 1de01ffe87bc9aad344ceebf57136501\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.0.2-0ubuntu10.6_amd64.deb\n      Size/MD5:  1414328 fcd5128c61ea7c91f5dd0fdd67eb04fd\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.0.2-0ubuntu10.6_amd64.deb\n      Size/MD5:  4048070 8a20c1e88020a82b1831541874ce7c48\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.0.2-0ubuntu10.6_amd64.deb\n      Size/MD5:   294524 6b2619e3fbfc72356dc7afa6ee3afa0e\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.0.2-0ubuntu10.6_amd64.deb\n      Size/MD5:  1564542 9ba68a1f137e86d212d7eb264008f4cd\n\n  i386 architecture (x86 compatible Intel/AMD)\n\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.3_i386.deb\n      Size/MD5:   117358 a678e7f1914fdc53c66bc12b2563c104\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.3_i386.deb\n      Size/MD5:   677468 1245a799d53d0326992d1fa22bad875b\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.3_i386.udeb\n      Size/MD5:   227264 9c15e03342736754f33977e838c6d801\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.3_i386.deb\n      Size/MD5:   415384 7ae6d5bbe1a4bde544290a80a3e3dc3f\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.0.0-0ubuntu3.3_i386.deb\n      Size/MD5:   279004 3551439419ec533ee6e13b4ddad9879f\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.0.0-0ubuntu3.3_i386.deb\n      Size/MD5:   320798 e118c7ba341674944cd61dce7dd45266\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.0.0-0ubuntu3.3_i386.deb\n      Size/MD5:   216576 9357f5af25709f7e2c5627960a1c965c\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.0.2-0ubuntu10.6_i386.deb\n      Size/MD5:    42444 13fe0025f651e11decf5072e9ba7c88e\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.0.2-0ubuntu10.6_i386.deb\n      Size/MD5:   748738 8c8fb9a5513045b418ffc3c37337aaa9\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.0.2-0ubuntu10.6_i386.deb\n      Size/MD5:  1241568 96276d9b49ce87040e0d355de948d7af\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.0.2-0ubuntu10.6_i386.deb\n      Size/MD5:  3531364 addce36a358f8e1566118b490517d0d1\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.0.2-0ubuntu10.6_i386.deb\n      Size/MD5:   294542 401c8007c96f3468eee908422fe384d5\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.0.2-0ubuntu10.6_i386.deb\n      Size/MD5:  1382554 bfdc3acaba7eae4bfa8f09466c1a14f1\n\n  powerpc architecture (Apple Macintosh G3/G4/G5)\n\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.3_powerpc.deb\n      Size/MD5:   134248 3f73867444b6902b21ece5e88bda5736\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.3_powerpc.deb\n      Size/MD5:   708456 fd230d35b21882e8f33a733571589eb3\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.3_powerpc.udeb\n      Size/MD5:   241444 985d65e2f522108b58cbb7101a1c4e93\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.3_powerpc.deb\n      Size/MD5:   429892 e96a4115854d6b32907a3249bda2a0b4\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.0.0-0ubuntu3.3_powerpc.deb\n      Size/MD5:   290970 714aaa371169f80396afd1d5d0bc082a\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.0.0-0ubuntu3.3_powerpc.deb\n      Size/MD5:   369962 cda66f3b003f5faeabe2225356ff414c\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.0.0-0ubuntu3.3_powerpc.deb\n      Size/MD5:   235378 3086125be0dd5bb2480f31d4a21b46c6\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.0.2-0ubuntu10.6_powerpc.deb\n      Size/MD5:    55158 3d6a6b1cf5be95e00a48e5523d641d29\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.0.2-0ubuntu10.6_powerpc.deb\n      Size/MD5:   825340 a5329d0d2322ebb0c2d102a47635216f\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.0.2-0ubuntu10.6_powerpc.deb\n      Size/MD5:  1368184 0e1b6171168a996773c760b8b875648e\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.0.2-0ubuntu10.6_powerpc.deb\n      Size/MD5:  4076112 3668d14302e64241292219b67e1f9659\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.0.2-0ubuntu10.6_powerpc.deb\n      Size/MD5:   294538 5ef1c38d239ef6e6ac65d852d96c1665\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.0.2-0ubuntu10.6_powerpc.deb\n      Size/MD5:  1506656 fc1885b7b5f482fe734f5d081b072b51\n\n  sparc architecture (Sun SPARC/UltraSPARC)\n\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.3_sparc.deb\n      Size/MD5:   120076 f0524701f9defa5d49f80b333dba9161\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.3_sparc.deb\n      Size/MD5:   683560 22024047655d0a6e26c484d1d231be3c\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.3_sparc.udeb\n      Size/MD5:   222408 4a26ce30531b338bc5ce9e16bfcda691\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.3_sparc.deb\n      Size/MD5:   410888 897071c782c16c0e3000a9c4586e184f\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.0.0-0ubuntu3.3_sparc.deb\n      Size/MD5:   297866 0775567bab801a064f92e79c0939886c\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.0.0-0ubuntu3.3_sparc.deb\n      Size/MD5:   321246 8e57f2843bf6cb39a8cbde389c740872\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.0.0-0ubuntu3.3_sparc.deb\n      Size/MD5:   229820 c0e50a0ea242052b971dbd43f4144d6f\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.0.2-0ubuntu10.6_sparc.deb\n      Size/MD5:    43880 705741e8b4a3cd9b591da2a1b85db401\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.0.2-0ubuntu10.6_sparc.deb\n      Size/MD5:   758608 92ca7b1ee8f4509a4222c1dae58cb288\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.0.2-0ubuntu10.6_sparc.deb\n      Size/MD5:  1313218 208167a5f9f5d074bf1f162da5377664\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.0.2-0ubuntu10.6_sparc.deb\n      Size/MD5:  3789064 d7127a902bc8951e03e70baece970b34\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.0.2-0ubuntu10.6_sparc.deb\n      Size/MD5:   294998 c2d3c3b6673c8c8f70d23db3712c134b\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.0.2-0ubuntu10.6_sparc.deb\n      Size/MD5:  1445764 a1efd9aa2fa04d62f69771887a5d557f\n\nUpdated packages for Ubuntu 6.10:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.2.1-5ubuntu0.1.diff.gz\n      Size/MD5:    32265 c95bae22cdf8aff7dd045ffd19b84acb\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.2.1-5ubuntu0.1.dsc\n      Size/MD5:      804 3c64a49cc8029e44361ec5b5dbac0a96\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.2.1.orig.tar.gz\n      Size/MD5:  1451392 a584e84d617c6e7919b4aef9b5106cf4\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.2.0-0ubuntu3.1.diff.gz\n      Size/MD5:    21080 14f360ae2e6a5c3a535ba34244f513c9\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.2.0-0ubuntu3.1.dsc\n      Size/MD5:      923 df21beb2608cc68aa140d315041d9795\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.2.0.orig.tar.gz\n      Size/MD5:   827186 b4cb7808df5804efeb457043fed13782\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.1.1-0ubuntu12.2.diff.gz\n      Size/MD5:    92001 cbe621e817e97c8a67ee7465bf3fa266\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.1.1-0ubuntu12.2.dsc\n      Size/MD5:     2020 e4b095a246fd0a52f314ce371b3e0cb6\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.1.1.orig.tar.gz\n      Size/MD5:  8388609 15852049050e49f380f953d8715500b9\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.2.1-5ubuntu0.1_amd64.deb\n      Size/MD5:   150940 92d6b1c0aa652e6e8f013ae4048f4062\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.2.1-5ubuntu0.1_amd64.deb\n      Size/MD5:   668960 0e5ff244ad6488cd3eb801b3768b7eda\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.2.1-5ubuntu0.1_amd64.udeb\n      Size/MD5:   248264 4328e1df8f13a92086bc6dc0c43add50\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.2.1-5ubuntu0.1_amd64.deb\n      Size/MD5:   353738 c41d6ae077ca5f31a25cc0f58cbd93c9\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.2.0-0ubuntu3.1_amd64.deb\n      Size/MD5:   305140 eaa2799e4a889de2924c16629750c749\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.2.0-0ubuntu3.1_amd64.deb\n      Size/MD5:   354690 d06520d61f32e74f26764e6dbc1c14c4\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.2.0-0ubuntu3.1_amd64.deb\n      Size/MD5:   242998 5e24330de281bfc1bd33341abb57d967\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.1.1-0ubuntu12.2_amd64.deb\n      Size/MD5:    57434 5edf610ecbdd99e59f118959ca0eb414\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.1.1-0ubuntu12.2_amd64.deb\n      Size/MD5:   813654 4da55af97b7c83f85c557df79f66c0c2\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.1.1-0ubuntu12.2_amd64.deb\n      Size/MD5:  1427180 efafeb1045b436463419496481cfdc78\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xserver-xephyr_1.1.1-0ubuntu12.2_amd64.deb\n      Size/MD5:  1608506 39e8887d0c3b1d4b4059a990ccacc07b\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.1.1-0ubuntu12.2_amd64.deb\n      Size/MD5:  3917424 d69cc89a0777f800d5e74e3a8041fd93\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.1.1-0ubuntu12.2_amd64.deb\n      Size/MD5:   297442 b41410b7b585f2960827f912241891bc\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.1.1-0ubuntu12.2_amd64.deb\n      Size/MD5:  1579394 facb0f2f9c2722e4d07af7dea9f838e5\n\n  i386 architecture (x86 compatible Intel/AMD)\n\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.2.1-5ubuntu0.1_i386.deb\n      Size/MD5:   134026 6a3c9319eba74a20e6f5c0e3457a2e97\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.2.1-5ubuntu0.1_i386.deb\n      Size/MD5:   640492 bb5ed3196a9e9fb626c17d96f40b3b2e\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.2.1-5ubuntu0.1_i386.udeb\n      Size/MD5:   235400 cde67a8b74de363b4d3e1abe0f41e781\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.2.1-5ubuntu0.1_i386.deb\n      Size/MD5:   341274 5aee6b86c26c312e17acf68808b737cc\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.2.0-0ubuntu3.1_i386.deb\n      Size/MD5:   291958 2344c15719ade83c6e125e29e4b86c23\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.2.0-0ubuntu3.1_i386.deb\n      Size/MD5:   336952 fe81984c7c8cf4a8ca6a0f44998bc0eb\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.2.0-0ubuntu3.1_i386.deb\n      Size/MD5:   226028 5456ac2131d824a096d1e979cecfcea4\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.1.1-0ubuntu12.2_i386.deb\n      Size/MD5:    50646 23cd4f9ca5689117c09c43ebdcfea49e\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.1.1-0ubuntu12.2_i386.deb\n      Size/MD5:   751476 f3769d8fb8508eca644db0c8d9530a08\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.1.1-0ubuntu12.2_i386.deb\n      Size/MD5:  1327210 73b1fa3c9d0e365f029962cb4e920b8e\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xserver-xephyr_1.1.1-0ubuntu12.2_i386.deb\n      Size/MD5:  1498720 e7e629d60198742c9040687d9c02d108\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.1.1-0ubuntu12.2_i386.deb\n      Size/MD5:  3563454 7f18073d92ab9a8a5fbb096b483598b5\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.1.1-0ubuntu12.2_i386.deb\n      Size/MD5:   297484 7d506b6a3fee567e20a2a5e7aa6c2bc7\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.1.1-0ubuntu12.2_i386.deb\n      Size/MD5:  1475138 fffb6ddb7a71160b492de7c8987cfc9b\n\n  powerpc architecture (Apple Macintosh G3/G4/G5)\n\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.2.1-5ubuntu0.1_powerpc.deb\n      Size/MD5:   148582 24a4dc3fcd4e9ed1cc439178926016b4\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.2.1-5ubuntu0.1_powerpc.deb\n      Size/MD5:   663380 d84c7eab9c0a1678485b5c10c99e227d\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.2.1-5ubuntu0.1_powerpc.udeb\n      Size/MD5:   241628 bff6e436dc7884091e9a159425fb3345\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.2.1-5ubuntu0.1_powerpc.deb\n      Size/MD5:   346870 8da887f46827f7a148b9d5573d6cb526\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.2.0-0ubuntu3.1_powerpc.deb\n      Size/MD5:   295948 e373a2fb962bbd917ed1475707925379\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.2.0-0ubuntu3.1_powerpc.deb\n      Size/MD5:   353796 9ad2219e7d15c1e5267c922f5d518954\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.2.0-0ubuntu3.1_powerpc.deb\n      Size/MD5:   237280 a187dc106461ded50a6cafe3b7e5442d\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.1.1-0ubuntu12.2_powerpc.deb\n      Size/MD5:    63432 d611ac901c34e99a1cfc77956c6f42c4\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.1.1-0ubuntu12.2_powerpc.deb\n      Size/MD5:   797454 d0208072254a9e1e6041b12f660a7cf0\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.1.1-0ubuntu12.2_powerpc.deb\n      Size/MD5:  1401888 9af060d4e15bcbc8bd55ec3b77f8f733\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xserver-xephyr_1.1.1-0ubuntu12.2_powerpc.deb\n      Size/MD5:  1565976 22e88a95a1d3dc23299f782df124578e\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.1.1-0ubuntu12.2_powerpc.deb\n      Size/MD5:  3983002 3345dba424bb25e0862b66acda8747d8\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.1.1-0ubuntu12.2_powerpc.deb\n      Size/MD5:   297498 55dd5abe4abf1c7ef441c85dc070e68a\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.1.1-0ubuntu12.2_powerpc.deb\n      Size/MD5:  1541334 474f69d831b778c5825ae02d340556e2\n\n  sparc architecture (Sun SPARC/UltraSPARC)\n\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.2.1-5ubuntu0.1_sparc.deb\n      Size/MD5:   131806 c3d342df6c666a6ff77ad70c7c729297\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.2.1-5ubuntu0.1_sparc.deb\n      Size/MD5:   635934 2ba5cf3a10353ed63a2b08a5ebd038ff\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.2.1-5ubuntu0.1_sparc.udeb\n      Size/MD5:   220156 4f9315e0d159b61aed69ae09c8282b82\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.2.1-5ubuntu0.1_sparc.deb\n      Size/MD5:   325494 95813d719f39a3b86f6b44cda4519a83\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.2.0-0ubuntu3.1_sparc.deb\n      Size/MD5:   304582 8bca3c95b9e5f10d08357fb32ffa690c\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.2.0-0ubuntu3.1_sparc.deb\n      Size/MD5:   321526 1765ba83a127b01ed81632785688a0b0\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.2.0-0ubuntu3.1_sparc.deb\n      Size/MD5:   234114 fd5c8e1b70051aeae6d189037043c23e\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.1.1-0ubuntu12.2_sparc.deb\n      Size/MD5:    50314 9fdc77ad9a5448d3b92c3b05fcfc4ac1\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.1.1-0ubuntu12.2_sparc.deb\n      Size/MD5:   733754 8d5052a6cb973b478b57efcf9535020b\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.1.1-0ubuntu12.2_sparc.deb\n      Size/MD5:  1344340 10ad7e4b138b14102ab3a396fa31255f\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xserver-xephyr_1.1.1-0ubuntu12.2_sparc.deb\n      Size/MD5:  1500142 801229631c468c808bc3570a02f36436\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.1.1-0ubuntu12.2_sparc.deb\n      Size/MD5:  3695516 c037048a7c2971f1c064e1644083a738\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.1.1-0ubuntu12.2_sparc.deb\n      Size/MD5:   297856 45e8359cdae581b6ab4d5ad683a4ba89\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.1.1-0ubuntu12.2_sparc.deb\n      Size/MD5:  1477724 8d6c6d871e63e6009ab6f9be3b10300f\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1294-1                    security@debian.org\nhttp://www.debian.org/security/                         Moritz Muehlenhoff\nMay 17th, 2007                          http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage        : xfree86\nVulnerability  : several\nProblem-Type   : local\nDebian-specific: no\nCVE ID         : CVE-2007-1003 CVE-2007-1351 CVE-2007-1352 CVE-2007-1667\n\nSeveral vulnerabilities have been discovered in the X Window System,\nwhich may lead to privilege escalation. The Common Vulnerabilities and\nExposures project identifies the following problems:\n\nCVE-2007-1003\n\n    Sean Larsson discovered an integer overflow in the XC-MISC extension,\n    which might lead to denial of service or local privilege escalation. \n\nCVE-2007-1351\n\n    Greg MacManus discovered an integer overflow in the font handling,\n    which might lead to denial of service or local privilege escalation. \n\nCVE-2007-1352\n\n    Greg MacManus discovered an integer overflow in the font handling,\n    which might lead to denial of service or local privilege escalation. \n    This update introduces tighter sanity checking of input passed to\n    XCreateImage(). To cope with this an updated rdesktop package is\n    delivered along with this security update. Another application\n    reported to break is the proprietary Opera browser, which isn\u0027t\n    part of Debian. The vendor has released updated packages, though. \n\nFor the old stable distribution (sarge) these problems have been fixed in\nversion 4.3.0.dfsg.1-14sarge4. This update lacks builds for the Sparc\narchitecture, due to problems on the build host. Packages will be released\nonce this problem has been resolved. \n\nThe stable distribution (etch) isn\u0027t affected by these problems, as the\nvulnerabilities have already been fixed during the Etch preparation\nfreeze phase. \n\nWe recommend that you upgrade your XFree86 packages. \n\nUpgrade Instructions\n- --------------------\n\nwget url\n        will fetch the file for you\ndpkg -i file.deb\n        will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n        will update the internal database\napt-get upgrade\n        will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n  Source archives:\n\n    http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1-14sarge4.dsc\n      Size/MD5 checksum:     2642 189d0d7d0b7dbbf26755923b438e5e4c\n    http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1-14sarge4.diff.gz\n      Size/MD5 checksum:  3644476 e3ae500a08998d20996e1b386253e1cc\n    http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1.orig.tar.gz\n      Size/MD5 checksum: 59123696 8e6990288c8f1a1d1e03f7c36d7185ee\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1.dsc\n      Size/MD5 checksum:      623 95239010d328848d69bbcd59df29ee1b\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1.diff.gz\n      Size/MD5 checksum:    10664 ac732ace18f41e829a3c38730934fbc4\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0.orig.tar.gz\n      Size/MD5 checksum:   202531 542cb9d9b4dd1ecaf3ed4ff753fea7b8\n\n  Architecture independent components:\n\n    http://security.debian.org/pool/updates/main/x/xfree86/pm-dev_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:   159434 d8aede0aaa9682ba7997447110d31ca5\n    http://security.debian.org/pool/updates/main/x/xfree86/x-dev_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:   216476 5401b81557f7953a5e476127544a94f6\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:   158730 8f841f4bc6efc65cc48e468163170116\n    http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi-transcoded_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:  8195040 c3c684a6c8a3a10f280ce25a6523fa50\n    http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:  4363090 0a9af1fd8109decea7c5e2bc9342a1c7\n    http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi-transcoded_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:  7073122 b42b7454c680f94cf4d912d6e263c679\n    http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:  3840910 eba04ef15ba7280352b8731e2705726b\n    http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base-transcoded_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:  1203680 546bafab0ffec15de52f51983bcf2c07\n    http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:  5490622 7d4613aadcadb86fc4242363784818ba\n    http://security.debian.org/pool/updates/main/x/xfree86/xfonts-cyrillic_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:   541216 16dbec56de243edf187e52c650532e91\n    http://security.debian.org/pool/updates/main/x/xfree86/xfonts-scalable_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:   901006 adf45fe9c5d1d84f912d2a9b789a1b8b\n    http://security.debian.org/pool/updates/main/x/xfree86/xfree86-common_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:   815600 154c4731c74c14685319ffd2e5535f79\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:   158582 5ec2b681939a466c832c7b91a6c71589\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:   158596 2a90dc555891313b58b5b0d11e33b8c8\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-data_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:   907066 a82eb5f3920df1c3e4c42c212efb78a7\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:   158648 bed92016a1cedd08e985becce0aadec1\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:   158646 e55d85a5a7d6687cbf802575038344d0\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:   158554 96ba78abf30b4e2d087f2797625589cc\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:   426718 64389fde8c4cb693fef2a5953fb2b109\n    http://security.debian.org/pool/updates/main/x/xfree86/xspecs_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:  5835466 28f15b50daff3453e208642777c1c311\n\n  Alpha architecture:\n\n    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   284996 92f0024fab7a481cd4e34dc024f457aa\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   441170 70ec1d5a6b3bf7a36863360747e6cdb4\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   313428 2b07fef9a8355e4d43947a1a63aff81e\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   822188 fd73dfdda3bc273ce185908a3720c45a\n    http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   230570 9ab3ab85a12236d862e78b0f0f87dea7\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   209934 e15bfecad9eab9fb197772520d21067a\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   295454 33ccdd1fc0dc73ccc66a45c0ae8a290d\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   184480 3fe3048544b48f0926dbf6f4d163dd0e\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   184848 b5c69e554bcdce7e1baecdb8a1cb5c9c\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   209954 49853ed0ce0dc522e9f43d77ed807137\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   816088 94c427b0abe62c425b2bcdf372c792c8\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  9804934 4623cd96de525311a862c2e1fad78344\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  1576092 8e18e092949d8bd0f9e5ffb9d7f447e9\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   317732 e2f03ac371b2cbb1a2b84dae43959f3c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   934034 af848a96c5dabdb756549d66f16f5ad5\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   522864 fe5ee0cf23f25f8e625a1428f90e39d2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   382736 5fb1194cbf510977519c2f99903f3e8d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  1100610 6dcc0fc3c214c8a37ef8180a8d0f4fd4\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   522770 ff4f2ad7f5a1fa456abc16994685c6b6\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   265026 facae3a81139d2ce5a0bd21cd665e2ca\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   196480 7cf0508ef339715f25f1ce5707de2584\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   522270 1c140d44feaf9074fe7209933917d36a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   195706 6b44c3f7c5020cc71d3122fdb43380e9\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   481102 f3cba0d63e52a2af0e63b1b052453089\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   240792 5025ff049d9f7deb22e11a300094187b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   186222 7c8e6177656e754587aaa42e8083059e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  1182630 e2738f6b53b5aa55169fc829aa2f3c4a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   244840 76fed36704d9ca23cc4a91c321490b34\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   219782 bb1280080a6db83d8a97510c70dfa588\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   680140 9e24b96bf063fc9ce13f22fc457a50b9\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   164774 a41d399a9f2d550f1ffc8b1095c4417d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   172674 13676ac5abfe9594642adc4c054014ac\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   210192 79cdcc5df1939ea1126859397db7fc57\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   187902 dd499bdc63f54559b3e7978c58067a7c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   182996 ae344d4a81325bb7de8b95ccf977d6cd\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   576046 a1f7ab50d292c9682de56abdc1539e1a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   212166 54359c662494bb8f9798eb530b05c39d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   204384 89026d497d9ef72ba5c8cedb005ae99a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   253810 07d21c94db5f5261077163a7fef92363\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   173260 621062aa574e5a4470cb2d59d58d4364\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   172984 a53a8fbeb82124fcf1ac73b47246e654\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   203096 9fd958db6e8f017b01e9471e56225e67\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   713138 5ac37e4a6928ae1d6214c1ea683cf532\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   361134 4e469b9b10ef878a3a631b58e3b828d7\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  1587114 914c6b4c39ed31c2fbee379e2d0ba25b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   191798 af942f90192c1b423de6ff15552fe7ac\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   184318 461e3515c225271484349872db566ecf\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   411934 25f0ad51173c5b1a91c657f1218a79ca\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   176406 8c0975faeee6e39952cf1a8ae7983ac2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   177950 991487364f13ea794c44c3aff02a8342\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   241462 716284f0af443ef15e5a3a2c1753baa2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   193636 8eb36dcc7cb99f393fbdc8fa315a0cb9\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   174330 9f2e68247409abd7359cccd02ea2ed9a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   206192 155c096549ecebf30bd0b6de96266cac\n    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   184952 c60abc527075ecb5c2effb72411506b0\n    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   289606 9cdbb7e62dc88b2688febd15e62092dc\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   158684 ca7c7c54102b761de517ef8c7ff9f76b\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   158738 e9e98a97d36c517bbff6f7451e8da8d0\n    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  2376330 27c274f345160933475691031385b692\n    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   327180 32ee0206f299daf84c440520238fffdb\n    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   600554 6994f0009df1a92aeba7a11a6a72f4e9\n    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   184230 7667cbb1c995ba9e2216d51342e67f06\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  4558712 5f077e532f6aef7c0d16f55d37b37a87\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum: 33948052 58f1da513a5c267c6597efc19466b130\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   351116 5184250018192b80b4d09e24ae0f96fc\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  1339534 abc46934dea4b20c63e577f6974ca8f7\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   816672 9031709350853f211428feb2802354da\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   393160 6322d814900e1eda70a70e08aded0051\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  1150632 ce6676e1d7b13f8a28d95ee787e19fd2\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   537396 958d4ec3a45f1bc1effa47a358368472\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   158482 d5382eb6f50ba085a7cf15e352e85910\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  1007052 601156a062591921fa46a3212a868ac8\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   811486 8b324588f46711216a44ece926bdcc2d\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  4640908 2688e37b3f3ad30257e74afd5ee95310\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  1114488 77e08891ea808d8869350f8329852d43\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   490082 8d3580ee576dc319be0ce3681706c9a9\n    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   246932 61777c7301c1d3ddc00e8acdc3c0bb2f\n    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  2088768 28613cf2d2f1bc5c0c12c22e68e9878c\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   331698 39f4331d0c561f6e5aff79af12be34d7\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  6595862 5cdcc2dd8744fd0cc46d27de86c66665\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum: 45036960 2969cb0a57378f06b4519b2cd839478d\n    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   550006 eca34c5b462dcce8dd12e7da120d5159\n    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  1033800 744333bde498149283ae7d7af7d7f460\n    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  2271050 c10ec9d6fefb6b5d1f6d429024e1e833\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_alpha.deb\n      Size/MD5 checksum:   148190 50852b7df4448215e4d3ec188f9ca24e\n\n  AMD64 architecture:\n\n    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   262298 1ce19c8bd9baef60202cd3a97ef520dc\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   367224 848b9949b6ff456b4543ff3579edba4c\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   299272 3491bfc3583d440511b0bd8687d9843f\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   798094 3cda9b3a44c3445a418567f2c19007eb\n    http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   209850 58c642bc21913976fed73c4611e63120\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   205372 1c7e44bf812e2d336f13103253c45545\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   288966 0fd8fdd5b67911693c9ff03f589e3e1d\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   178436 cdaebc2f0a0bab775d04cd8f603a1b0c\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   183446 7fcd4b47cc4e44983b8103e202faebcb\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   207798 37d7f9a57604895952f6cd07712be13a\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   749416 36e10229fd2ed52bfc595c8b708fdb71\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:  9651358 c0b4dd4d11d8ac6ebe249338b3ce1d74\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:  1421668 0f0093d5081ad93c1154d9e4cae3ce2d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   295162 c0161225e5f92dd930b8c2f582acc80c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   903762 f48cf6f781708a7eb7b309cd823b2877\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   440728 5c9d6a694d0bd09f6be2f32c97eac671\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   350892 67fcc3ec3099427d4767c6e4427a9391\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:  1044460 00f7bed4c6bf4bfe2228495826e6f4ed\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   440628 701b3a51c651e67b7e2c18e11e30458d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   251400 ef31c9173b291ac5d78348a840674f79\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   191154 36f3fe9c393cb0ce2dcf5730b0107613\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   512612 3dee7413902951b2a7dd383bae5f0d69\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   192936 b64eb7b1d740d0b107215b291184d7cd\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   476486 92c4f49830414e0dc0341a7ab9efee24\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   233066 4a1a67f6d6bbf17baa360d4fe3d2de6f\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   180474 4f4e2522cb226dfa17d5ba9b0d40e926\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:  1168298 32785a1d0229c721785082055b4fe145\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   226012 7199fab356a9c6381c0a1119bfe52e98\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   212288 6c78ac6ec10145825238b283d4a8ad62\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   662854 45c8aa47be60747fdebe6c34845b707e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   163456 85bd979736e1119dbe5c73d420d83013\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   172100 4f4301a328b952ef0566b8d7c43b1c40\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   208938 0ddf06170b98d7f0f0d7dd8932bb1867\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   181560 4cf60ff4d472ca7ddac86633e4acfeec\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   180494 45e08ffa571b1b67b08a0d5c2d75e285\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   569452 3569f24efe2174038b829d5d05f1dc82\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   197926 85b5527de1a09c351b03f4018a64b406\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   197300 065147ca72c7a3364f450c8c781fab26\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   247486 9c213618f78a041491f76de00c2577a7\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   171968 c7e9e49de0cb61453be5ffc2aa94e74d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   172104 4ead3bfa45d1ca8957e5e10c1de03653\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   201308 bb9e5c557e50a45930b680b8f6468806\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   644166 a10f0657d008a8f086b07eed9706b041\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   346064 7ebef79c15df3c822cfc57ab443ee315\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:  1552102 7ba29d766762336706712893e21f8fbf\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   187202 1a1c28f352c671bc5437e52158c058f1\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   182508 e8edde7b41222fcb15b5c68a148a805b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   413140 e55e37fe1e0224a6d225e88fbafc9607\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   171912 e4d12ec69ebb49ad62d987505704f967\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   175416 5c6da5160e9441d30e0869817ef15509\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   237626 4655e7033b095f39dec9884ae45aa832\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   191668 b091ea03ff5acbf27f0e0b7a74bdf929\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   173528 0350d13430157d5c86819cf928ff29ab\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   204446 f7ebe443d878728a3637ab346c311a63\n    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   183666 4d2b4de0f1e4a77261b90d25eb770613\n    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   277370 a8420df28b4d294f7bec2e104cd44279\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   158794 f8a1514fdca77984512353d0b5d1f420\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   158848 2a03cd93698571c4a13512ca990a8db2\n    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:  2083786 97d1d4ebd6a452a2ff83928bedbb31d6\n    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   318224 59a6e966e6e49595101e733479eea356\n    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   516518 2124d855e582ef5e2012daab5a8a600a\n    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   182408 7ce0f38da0445d6a68b41542f655ac43\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:  4202892 fdef8312cf8f94710eb818f21f3bd52c\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum: 38018732 a168452b292cf7ec130e13c2930e6ddf\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   333556 d64d8c6d1bb0e5f979a38b5538f5762c\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:  1316908 f8accdf7495d3f03842f03d4c4f069bd\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   735302 e548bb1b381140f6a5133c491178df6d\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   368324 730509f902394ab4534bc213ee093a71\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:  1122710 7dad7f9fd6f9910d73c9df4ecaa16c6c\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   460486 339cb1301a8dcc4bca57539c4a7d9c24\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   158598 457cb5b6103df84a88c06f618cfdb9ab\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   789176 422bc34409184b39cb3f224954e2a50a\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   686604 393409c039840d0b0757d82f843e3ade\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:  4489970 b8e7dcf3952f41fb2812905ffc561f7d\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   889632 e0b5d43013c6bc904f40026dd3c06712\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   400280 4e16b740df809e4ca7a02b971a251d4c\n    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   236366 3c314ad0880bcee610a3e37f634b744e\n    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:  1620482 f703f2c8e36bdf4cc943b3abe563421a\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   337152 a8751e299ee2bc2fe354fd82bc4a01f3\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:  5695770 e1de32c84f307dffe6c64100b38525ce\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:  6039138 6e451f23e2b38b6c4f9fe1b9d65a62be\n    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   521528 9e2ad4fda8330b388f5efb0cb59c4d5d\n    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   962224 0380eefc014116e02bcea08a187d3bb6\n    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:  1763954 d099a99b9f35f7c2a92fba27851f1c41\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_amd64.deb\n      Size/MD5 checksum:   103960 e10dc9a0c018be14c3941d097e61a263\n\n  ARM architecture:\n\n    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   254506 c4bfe2b890b7f1aa92a6ea50c8fda17d\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   353848 d83d9bea399500268bda162ee4d4d7f9\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   274282 b6b25b1e771e3a003c3ffd2665dfaf7c\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   778514 1aaba6276196c2965031048943a106de\n    http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   208310 93bed067f155c25a867a36f228b280be\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   200248 b8a08cb43eed69036fa08f885785df01\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   285400 94e59aa1305da66cd82e7cd736b4eec9\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   177720 fe578cfb4393d969205552b9904f0eb8\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   180490 45723695fe5e39496c503a4716f47cec\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   204986 6b5f5c883b10d0df4e36da876684519b\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   708938 c7a004360821b10f119b823925f7b4d0\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:  9661608 ad3f42ed447f33881c2a85dfa26c3ed8\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:  1411312 8aaa1222ce69df4f196e85fad581bbdb\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   283694 8bacc834c0bc7f647db4b730fde8601b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   894954 0e6d96ba308fe7899384736e3028406a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   437716 9142fbf29b65c4df6f6cdc31a02609fc\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   335288 e375c507a70b653c95f5df809651e349\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:  1029416 7fd74f1c7842bf34e75ffd4d1748a920\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   437618 a5fdf7dc60012ab80d091d6b86aa7921\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   254630 654f145f734a4ec8dac276b77b8c5c0e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   188842 ca9cbf1890dcd8be553056e006fb9188\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   511660 0cbc8f25a45a380fcd7024a3182ca035\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   189158 28074b2cac5f6d2567a07838adf5ddd9\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   471094 6e7bb9a3985f5d78d5923b889c46c82c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   233430 995db9bfc5b8db3e1af233263d63c237\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   179462 93ecb7bd10f52380b29ca88a18cd3855\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:  1172306 6510aa4bc254dc1aaf4a718d6ade928d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   223670 a845d16a971ce1cf0bf4a62224a9fbda\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   208072 908593679b7fc7e8da53b8c034fcb3c1\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   664842 71c12addab4acafb4564f181cd57eff7\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   163218 04f22173f8dbf2330514507150dfda2a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   171618 fe9c60b4d8ce2b6496bb9d922e54ddfc\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   208674 83f13a1c2d164a7298878766f2d735c7\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   181310 c95d79bfb7fd207f4d90622d3d8c3071\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   178266 5001d9e620dd228aadff0f7dab2dd942\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   567858 97d087ed756b6c6fcda1a66be9da8095\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   198280 462db4041e1ca77b658bdd6ca22808d9\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   194454 2e989bd9bf07a72a21a313bd7fbf9d46\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   243848 b676a5b4b52aad00cae35996a99293f3\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   172170 11b217f5e995f7beb31c047545c33abb\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   171718 7f71e6890619d9415c78dae14019866a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   201068 766750858aabd3e4ca693ed92c7da7fd\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   645466 0f2f37d4f76e79aee71893595c289886\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   327336 aad47d15f3b07d709e3bfca61f90f695\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:  1539196 220a5d415800dcbc9aa05928b95babea\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   185942 8a041e7c63ea5a48eeb87329af17931e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   179524 490fdd28d4098f64fa080ca98124a150\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   413616 ed79f35c87fa43b63c5fa5a5bce10aa8\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   173084 3a3b10c302b21e328d5c77c92a11d53c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   174796 22382068183a2f25fbb2630862fe6c03\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   237432 2f9c7d966572c7c508bf1f4eb951eb18\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   192874 8a02b3523c09a5d20c25e2499c271ed0\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   172932 58f6c0989bccdf51646f6cc85a7ad3a1\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   204124 719091e4ca99073d68a83abc356dbac8\n    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   181896 0281298f86d1734968f570ec266055c8\n    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   274086 32b425d803d2876474d59fd6095c18c9\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   158788 9340b0647c7e0509f201b6030ba32e50\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   158834 c3b39287a06ec827f29ff2961a6e5f1d\n    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:  1940412 a0311cf7769b8009f316dac534be27aa\n    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   309434 4c18c2e9b31637ffa4638dcd15c5e33c\n    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   500544 5b1adae68f8062db2b18595d791659ea\n    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   181030 02052edad72f025589d2267cf0c778c3\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   280888 3e2f8ee82d0cf25240bd591c81fe53d7\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:  1191474 c4abbbb972e895d75ee0ced411ba18fd\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   725146 fc5318a01d187d4b727c24ace68a241f\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   352390 46290e6b3b8fe147aa8d1c2fe1481f36\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:  1098268 b79588bea1a524686b627b9eafcdadf2\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   459654 1f6ae7b019a5a824ae17df9a80a85b52\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   158588 5467c615528a5d4a9cfe3e76afef1464\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   908824 ec265f126c7d0b2cef91918bee54e051\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   409248 4224dfa3119d8d231192700e5eabfa2d\n    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   226552 3e82b73d832d529c1a6b7e64ba98dfe5\n    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:  1558376 af2dd08ca667f05a447d7d0ffc8b667b\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   336698 0482b56c7f71d5f044692dc3e70b51c2\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:  5528280 3f47b74fbca3d0793b94d6c02ffbc6f2\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum: 43853336 8c79f42c0a5affa81581acdf66261171\n    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   508736 68adff865be90604a977176c9cf2684c\n    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   906628 cc7ffda09bf14ea886d48f3c9a6710be\n    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:  1699656 d34c6bb37c3c5f0eb4b5bf822aa36b0f\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_arm.deb\n      Size/MD5 checksum:   106868 7e645dba8d76959991e9c624caf76eeb\n\n  HP Precision architecture:\n\n    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   264792 9424d7e1d21fb19a7bf3c31fd59c41a2\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   372312 c91f48c32b473e0e162b6b1ca0806459\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   306544 734eb14d0c2db80d2600986840e6ffa5\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   813736 c84b6a4e597102ba4775f472f9aae439\n    http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   212434 bbcd96bb00f58417f32ea4329953233c\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   206934 c765a54d65f4f7eff593c622c7a66835\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   290350 d6934062e7680076fa5204fb542919c8\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   178552 2491a6cf3329a1b3e75050c93e422cfe\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   183590 b6c26839f416745c82e35497730867c8\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   207650 4de6cde4c6cbede4b5d22666ad941122\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   780302 6c521d1bdf4177266123eeebb59db7e0\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:  9906326 bec9e8186d854168c96292f0cbcc2f30\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:  1443564 6f7cbc5293caba59f7d76eba36ae3b85\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   307060 1f3d61dc3d9552f1671b9850bb8b68ec\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   926814 2df67d8e37eea2f3982099958c7f58d5\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   454834 0691f5a5e1241f1dab1896d38b30521e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   367534 5858d24a08a0ae6a2a5584cd3e24ec34\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:  1070688 889919869c53bbb0a4fa32f4f81643a9\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   454720 471004c0aac198ea9fc5c38d1fc092eb\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   253758 b424edc08b899316821c70525795ac44\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   194058 2f7cdc4e84eaf340a7d1cbc3399e49bd\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   524662 c41b8e84537da3673e6deb03a6b00ddf\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   193438 8fa5c65cfc8e6d0fea7b698d071138f9\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   482956 265fe13bcce21d770a6c6d597954f0ea\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   233902 fb2f7de98c3f5b1e7430c535e54e7ddf\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   182062 6dd46f3db2fa404bb522b135db426d96\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:  1202862 16284f5703bf36c82023c3f9d35835c3\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   230482 69af864210b495ecdf205cc503ab95a5\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   216180 b9cb762a3288b979cda8cba6469cdb33\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   684228 cedf92752aa08f4ce65fbfe96d2e3702\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   164026 7f6e983d2bb07ba429c0a224574301b7\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   172904 983a70b6e4b52541e6bb8b54ecd469bd\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   210406 0d9c427d666629366d9d9a69fe498632\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   182556 5b44f2ffb038758a013d0d86be46f736\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   181626 e8d9d3e7ef2d9e4fd32d845df42b436d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   577962 75302d045e4147243434844eef3ab539\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   201518 6d1b92e93e4e3f9e1c180124280e3703\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   201996 db76f8d685d31e642f624dddf865a8d2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   250654 256d02fb05d69adbf774cd9db296ce85\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   172394 51fda3af7874e80bda0336b767b8ecfa\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   172682 819c2b22b4a4d4f4e69e4c571a58683d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   202344 e6d067d3255b9c23fff4fc7f51c2608c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   665382 db08734e96056212e56d6f45c72b7b46\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   358688 dda0a4e43071aa9fa663fae4acfeada8\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:  1569924 db27d054597116e63330d43b060f80e0\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   187684 657c19f170c386aeccfcbe896de0f381\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   182544 d628379cff2189fa57ca6276585752f4\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   410980 e0d6fb0dcceea37d3bfd820392f7bc61\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   172844 8d041b5c14691c937dc5d97fff283c7f\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   176412 0f976b467fda140f96bc4d571cd1693d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   239352 f6be64ed56faa4dfc2e0fb5e0989b83c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   192220 9a02c09b3c16ab073ac3c4bf46b7a212\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   174108 cd9a6247282ed00294bab503e4c81dc8\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   205572 57303e5edfc3a91f074cf354b1c4ada4\n    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   183914 015d754d01788c8d4a1780ea27a1126b\n    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   279790 6c9e6d652a415222746a6c2a4146249e\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   158792 0a19e673ef1b669c9bd3160fb3dc183a\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   158840 a8c4f30320308ba9ef0196b4dc2d60fd\n    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:  2117262 250a9d60ba2becb670327a9f78315610\n    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   317244 508110262fa2e49cf96cf9eb1ab6a0db\n    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   546534 892f8c24b7392fc642bf6c2486023ba1\n    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   183002 3a4d3f2e8bb6c62501962d6592d6be10\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   339374 059d5d64e82dc90a540a068b551d7258\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:  1261264 7c28a6385ec39831b777520533085a59\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   773180 d652cf318d2aaf08fb64c74fdc4c64d2\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   403704 cd9201d2131b1ae8bc3cf9096b067c78\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:  1175934 e3d0d49bec1b29acb9aad2cc3d38a378\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   497318 21469a1bb347d03ea83c0130bc4820ec\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   158592 20258fd573b5a6e0ec0526cd7dbe2a6a\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   956362 40bf15e3f897bbb8ee8955f25a520189\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   422808 392e0cc23412a356d67fc07aa51bd4d0\n    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   237592 743bf913ab9198295e3c045ecbf70a2b\n    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:  1803862 7aa09096087a983e7a16fd210e0c6901\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   337492 82807bc3b69b4efe86c0a3aea38b8527\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:  4100222 3ffb5b75498897f6a9a3aff0d05003d9\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum: 45021232 ad2022b9e1413e5ed610b5307faacc60\n    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   530248 979dad322b0b9e1619758cd8d5d72f07\n    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   977232 1b525f046ce3fa3d84ff0bbd1c72b0b3\n    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:  1969386 ac1a2134a3afc4b680a31526ad220c5e\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_hppa.deb\n      Size/MD5 checksum:   115866 a101d8b69db97092f3e52541be1460fa\n\n  Intel IA-32 architecture:\n\n    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   250230 3ad753c5bf9399dc00645876680e83be\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   342276 c1f9f7c6dcdd7153898727d128f58068\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   286150 81f15d2bc7f03b0a881d82565390f380\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   782768 c55920ea0f7d13e63d5061775f4943f0\n    http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   205356 b56681e15102a887507bf3285732cb67\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   203514 4cd8e50adfffc863b0a3c0010dd5bf39\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   286264 f2f54740eb60bc96eb7b39817e4fcfae\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   176718 832a20eec2a4c8d198421514f47767c4\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   181274 4e7a1ce300e1787728ae9c43b49842a9\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   205378 7f8ebdef0d31e6169d9cfd6fc2cc44ed\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   725158 eb243b4a9e705f824e9b81ea9ce3f92a\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:  9600288 94eb5086f3528eecc740a6a5454dfafb\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:  1358436 c46f41b1b294751ddd81fa325bf574fb\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   285434 3ec944fb16f03ff2191815789b926885\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   890614 5ccab68e345e79b9a5f87c24613ef434\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   414284 8fb663257fc2aec2637fd15e4f95207a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   338666 4ae310f5dd35bb1a5735c6a9937bc29d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:  1025578 b67d080e9096b5488a9a67ffbc1b55db\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   414194 1398106e83b08b50a9c8bd86487858c2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   246880 eec68ae5de683b31245a248ab7acd995\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   188456 bb2d50b4439ddb8fa6602c36893a7a70\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   507564 bc8514376d15899b530608ee6762e222\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   190786 de17e522a4a47b3c8594140b1c832042\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   469928 86e0dc5f50e01d92505ae4565665c457\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   231136 947c90d63fbb09a0435fa84a73800b18\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   179574 c040ea78299a4a77cbde6965487be65a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:  1166540 eeda20ce5fd4f83c098fda0fdd663e6f\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   218400 5d475727a2de404128fdc25622d6a5c1\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   209834 fa5a4db6f1de17988bdfed4e64d66f66\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   660018 1a98de5deccf0642e85c5bbf44b158ec\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   163124 dfe3c393889e2ba0bf421164956903a2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   171780 0e63f6fb0fc805769aafede4d6be14fa\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   208498 45c2ec6249fd478854d6b51a8ff64d03\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   179038 196d08ddd654b7095b810bf2704bb668\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   178710 935bbc6c8815b64fe9fa01cb39564c95\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   565340 d93c4e35f9a79c72f11cf5e61e6685fb\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   193686 1311a58096d095810db6de874403f144\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   195898 a8c4f1a3cca264a4de38384909ae0527\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   245344 3bb2b5834a63fa1f6ee7f6f73455b14a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   171098 c7b8b83b09b599b65f41c2fb2df9e5f2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   171542 9d8ba30823322ea55436910855236d40\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   200314 db2359a4dd12eff662f17d16eab080e8\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   614302 115e64adc6c74af37bacc0b4e54fadc2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   329404 1e75dc920d8fd10a64dc014b05730b06\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:  1529654 18594c501817e10451893310347ad4e8\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   184890 132a6b1b5ab8f182ebeed781e053ebeb\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   180554 6f49732e209e38e6dd779252671b963d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   410264 92c96bc12e1fe35ed18d5e863b71691b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   169914 24a5fcdc4ebc93491a0f70ea2d5bc26b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   174482 fba1ebdb9743a7973b5d3d5f943b1521\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   236504 0ba491e7dd63b06e116becef32a9dee8\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   190596 81973bd063623df482c4c9feb53bfe1e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   172632 b4b5474d58ceb6869be524e7eedcde0c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   203054 50753c3e0fee1e35bd290da7903eff5a\n    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   182762 b8bc97c636c1f886a306063ab2888a41\n    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   265068 d6ab5c744507fd1a9fe6a6828019d559\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   158806 0c80f911f973bb7337586d624a6c747e\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   158856 fc61c5e9ea820e7fd9e3510310245bad\n    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:  1941616 b050f50404e8d7bfd11296e4745fd3e3\n    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   309596 0f948324ca3602a56a9c6d6d7029b902\n    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   496946 04c400f07131f1fe396100ecd83847f6\n    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   180580 fc2e265ed3497fcf03781f0edb71b8c5\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:  5009168 582136777e3fbd1102fded416f9bf804\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum: 49495214 a9f69894995ccf02de16ff76c8496f77\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   283386 183aeab2a61618e245b585344cb1fd63\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:  1230896 aac25d99c5ff9aa3f3ca8c7bd78e57fe\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   705172 6de19e9b1c942c1c62d165029b0dfcd8\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   366064 1c48bae8d4491a4ff4b676736ab175ca\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:  1111016 9fc618a5c445ed61ea1099d44730d9a7\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   435082 17cc6e82fefac3ff0e0da0099fc261f4\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   158606 9c67005155a274bca06964f26be4da79\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   790330 984dc8f924bf799cd1a31cde08141708\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   662110 2b3d55d989a06edc35fd750b86258318\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:  4582490 83d96569620caf3995c115f0182b3b41\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   855012 86b0f0f3c687cce625e825698ba95298\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   384546 a8ec4021a27da614968f11b1f0d84c11\n    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   226984 e02156abd0bcdde44b2c4ba6027c0978\n    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:  1467016 dc5564cc3943f59450e050d240ac6d19\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   336854 591e181619783ff7003be7ed6b20529b\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:  5744114 4ce1994ca3f0aa2035622d5f730c7245\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum: 54929832 6ba49cd3398bab6a3b82d2eb7fac1afe\n    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   509408 3a68d04348d4c4b53640706b960cb227\n    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   912694 39f690caee0037461c210233ae9ea846\n    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:  1603624 a09b4b6b58ab30e3b0cff0df9cf3fdf7\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_i386.deb\n      Size/MD5 checksum:    94980 1c57e38030bc1c7311695cef03d2b560\n\n  Intel IA-64 architecture:\n\n    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   301856 2536934226628d0349840161c4239311\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   423574 661cdf850136cc83b7a2f188e53a4e2e\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   335342 ecc1597e1221d6752b87b9cbcadddfad\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   836740 1d1f928ad5a6075c7b8d26b479c037b1\n    http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   229996 f96e4a0405bc4e66f93efaffadc4f2e8\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   220530 5509e9624abaeebfafa2238a8174552a\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   307000 ef2bcf7574ba2874133c9c89faacf474\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   183790 da2e6b761cfb3ef2da02967c0cc45b2f\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   187868 e4103966dc75c710d449c193d7b0c172\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   212436 b73882b850d9a14ac2676853b4e1365b\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   906316 a140bde98edf1894e6e35b655e617f5a\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  9887962 ced2fb3657c9406a8dc3888d0a9c720d\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  1606148 f68d2172e7981a2922dc4da5460a52f5\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   355430 d8bab5f8af5411b72bd4c99314b836fd\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   971308 98b9821f558fdc43c5b4dec4b50e82de\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   545418 0381b705666026787bf62d1b19a1d326\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   437162 b40b327b5b0224d4ea6284af48e0ab20\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  1155500 7487439f9ba76ae05c3037d3db271a97\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   545322 899c08785c157f10f657e7acb5ede406\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   264566 5278642e58fb8cb61ade54ae9ea00125\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   201316 aec4b6a598c0d37f9ee2a7c434560ca0\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   525084 ce9b348e4f455a0e236c8abbe88894cd\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   200834 9ab987825769ca0885bbefb655793bfc\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   484850 f43c52e902a788f0bc47dad4670dbc13\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   241416 a6c1ff2791d41b528d34a2a5b7e0cda1\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   188316 70ec23e87366fe5d62cc6237a34df58c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  1184954 478f63c5a4364655aad8b35ff2b58d2d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   247942 0d03221e400cdfa4dfa62437e859af33\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   230070 4e75172f67d529d5b4960586dffb2326\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   689792 832b63f9f3b4109df89426905c5ddcc9\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   164948 8183cb1e03648f3f6cf19544eef00abc\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   173644 d194b2aab4f22ed2016a21cfc6cb554b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   210708 cfac0d9056615515ca8baba68d750c5e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   186904 14761ff4b77ea55e8d5ea1bf838098b8\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   185238 d5f89d9c59ad7bf9a91bdbc7329dcf9b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   577486 23dcc7933085f8c1ed9ca319bcfb8d5f\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   214096 6902cdbbc99c3d21d8e97d3b2d962d0b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   211598 bb9345c62712925a2a31c681f80d8c78\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   261608 4ee5e1029fe9ab66213c57546ec099e1\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   174596 7fd5a663614670bce66dcb18686707fd\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   174482 3ae32e6fa2f05345221cdcf5222a0a76\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   204366 83a4a11374d28f11276a812af5a4f189\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   734512 83da9954a4e88ea281aac8e58cce0417\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   410848 fc544e2b161c9c796a97e702064c7814\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  1627622 3ad29ccc7e3aa3ff849cf5226a378662\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   192576 191f6eb877c6220b15d3581748bf080b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   186708 4778512f96e02cc2b00f667b7757dd58\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   415204 c1d5735cb1197a99a0d4a6e08ed8d2ad\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   176850 4276368e65cc7b6d0ced6fee47fd1325\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   180028 535e93c0336b609113938920d2da7b19\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   242192 7a7a71281b43033019a704565a9fc691\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   194772 f6fbbe744696aab7c36f1f118bbbdd89\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   176284 1c925dce81cd41410c433264025c6159\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   207898 981e0a72852e686ebb94b8bd54f16134\n    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   188648 08fc0d4fab01781603e9572fd3e839f8\n    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   312324 a6c63c439a5bb043fe320f4779f8f31b\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   158796 49f4feb5a9fe370f6ed39115bf6dae30\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   158844 9fd7480c8f47f27fd6e0bc7bbf847533\n    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  2774492 3424d3799ae9b7b08e7a66185aef68f4\n    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   347898 8ae26bdac80c228f162b0fd10fe25892\n    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   693412 f1a383a2bdbf67626c4389de56597a17\n    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   188856 7c8411b390713431d036b549a80f8d61\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  8121752 763ff2b160b0c0712499eae573f40e44\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum: 51595076 6dd701a0a28aba2219034d6f2214121c\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   349704 baa5b652ac7da0154ee263c3522d04f4\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  1324528 4854dde9c6fa7cb0dcc6c3862507fb9e\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   797068 1ce3af82028237daea128d7213e89cf2\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   447492 384596efd464eb27da2bea8b426e9061\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  1200974 a9d2b33b28b815cb01bf96ae96093032\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   553512 bc158ab22c3d8949e0e9486d6518af40\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   158598 116aa61965b7a3b91b45e317d3e91b75\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  1081118 e8b35d16092f656359e9c0bb99b74179\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   946692 c3e728e388711e13d6d2cebd03836e67\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  4773708 fb080167239394d3ba3ae4a71e737546\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  1165792 e9456cdb9978268829113f8f687f98ef\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   494608 cf64329bcaf705b4cef3f52c90a612f1\n    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   260258 741427f481d436aa87d90d59b3e92379\n    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  2383910 4dd936295dc3a5d630906d9c510813ca\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   338584 d5a558ca2dc8e909834048e78204d3a0\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  8457416 479bbecbef8d2971225628529a160bb4\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum: 56511442 b7f8fd181b9a684eeca40bfea3d185de\n    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   581860 4ba016a1f2b41d055eaa081ec5b04bc0\n    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  1133422 bf77f9281359939cfac6fe550af95f6d\n    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  2610628 6cc3b877c5b52e77dac0e83bd58fa390\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_ia64.deb\n      Size/MD5 checksum:   145704 d959399c76a6f63626a83f75dbed9d82\n\n  Motorola 680x0 architecture:\n\n    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   241018 77a07432c45b9378936b86794d2bcab2\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   331138 64ad4122c8f105a06f56c23d9174cc10\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   282230 c554467354b448f9e165955af4e7b4a2\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   785174 dd08487031b3e63b50533df646c0e6af\n    http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   200262 060aa0d9cb7282199ca18305b5c821f4\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   197746 83836818743f4dd92b30ab3eedcf362b\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   281672 1e1caf7322c340167bb95486494c3012\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   174714 87eddf9c6a897f97952aa91c838eff89\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   180594 573276a89f23874cac04d56e205aec69\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   204752 51890686ef5fe0a32afb5f760e19e1af\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   680616 7200fc49162ebda0d53a7ab4a74bbff1\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:  9735198 4c7d703ab09a32257fbb4a7a9ca6ef34\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:  1320712 16c0e121877da9f823914a14d3e5f40b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   272166 df7b6958c0a1c7017a30f9c7b78ec723\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   885970 0c270453838e035b27714ed71bc9a952\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   389520 46a680064a2f9a1e888df2bd7f7aa903\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   319674 7f7e6f24dac1b7e3f4c41bd3f589d281\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:  1015288 3253f3dc4f1914004ee0d58e4e1c0f41\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   389430 759f32add2082c6df77263c182b8dd05\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   244390 12f93645d7c7f68716ed544613efeb6a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   186086 e51920992e3a65fc3d6738517e449792\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   513588 dacd493b35a8a37d1b0326ec265f1586\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   188836 96ec2b33de1690dc8dc1e4dca8a5de24\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   478026 59ab765625ea9dc6da641a8e5d01d1f1\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   229372 59d34c9c15853cb410d5ce3d35924d40\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   177524 788b51e970927d25728e597d6efda2f2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:  1190632 24752ff589468af8133e0e27661cea93\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   213748 ced2278c1ba39a77143cedea80190687\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   206234 4fbbf0148b2cd42a69521255000601e5\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   666594 e2ab67ea5ba09f7be87f51beab9d5886\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   162740 2da7b2488ea0dbaf0582960cfcbbb782\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   171686 6fd94e0375a1bbfa758392035ec76c73\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   208966 03cc15b63c820c9568275e4fc248afc8\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   177938 0298a644eec5eb22c96672b1364f8ac4\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   177392 221bb28eb3760c47fb26797e692d84ac\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   571934 a2e321f788912dc8f4591fd1dfc50c79\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   189722 820323286728158435103af5db8748af\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   191700 7e3e4d432fc65a82689a629af33b6cf9\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   239296 141d8cbc8f454a44f79c13dcf1152e3c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   170844 1a5bd0bb22fd2dfded42c17de02bf2cd\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   171222 3aecb797ff7774a2ab5cbb020b8d7583\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   200380 10901ad8dc53221e014db4503f5b1891\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   597690 1e422ffd7f5c0b308b54d0a5a732ad56\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   314590 36483349e4f37219f5ab22061b7c316d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:  1518028 6dd17e0c9f3869be4bde36d09a1f5cbd\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   184100 90bfe448f4c46e7032235e8a41f6bdec\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   180192 446b94f914b87c2855ab2b6508a001b7\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   408988 5a315e50bbe97cf00ab9c286168480a7\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   168920 562498f992c6e330578f5545bfb4c183\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   173734 43011296400cc534ad0e2763a6948209\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   236732 9df9f6739611fb0fb3d13be1604e944f\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   190134 7d2773cb87e157ca3872a3749f080ee3\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   172066 be4d961e36c50d6db22d0dc790527cfc\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   203030 0ae15e99cf268d4607a9ce9f5a0499cd\n    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   181158 51b4b7ed68aefda9a8c7c4663825bab7\n    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   256204 6f415eff373b0dd082c3c4cd88f38968\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   158800 518d8866e2f0538a14a151e08205455f\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   158848 05fdf197054b6de0a875f55cc623a90f\n    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:  1770534 a5a3246a865619f16873171292728d4d\n    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   304782 8c26e77f964dbabad39172dde2f11b28\n    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   448136 9f5a9f1a513fe8b4e0daddb3500689d4\n    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   178986 1909446f56c676490d9ac52676a45e88\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   284944 026317fc993d1fe1dff80f1ac1eb91c5\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:  1197212 8fd8f32f6f3bf0a11401ed7597f39c1c\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   689460 a050bbc3a8b3a9f1789aee998e00c918\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   335758 e8e92c844a61419c47bce1aad77a59d2\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:  1099042 0a495c48978112d48a084651984482a2\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   405664 210e7f001efffbb8aa0cb72a30ecde57\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   158604 d34dcc01cd3ea7779abb2fb03a07c035\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   758064 dc880642b8b7e1a8c29101b281d493fd\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   349048 a155502b312c00034f2ae0ee55a030e4\n    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   222330 758c282c2ea0fc9acb71bb81a50de8b1\n    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:  1240584 4882905dcb51ec7943e1a2af30de7411\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   336750 626286fb3dbfbddac46db00f94247987\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:  4544002 e4cc4d1a010460c47e024cbbb3da404e\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum: 45450578 159132c8cb652641dfa6a9e0fd0b0983\n    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   495068 9d646f6246283c9d9ec6203027418988\n    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   873524 2490473ac20b90a37ee823bef1168001\n    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:  1350020 fefe13b0d055607cbc25bea8a8700fa1\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_m68k.deb\n      Size/MD5 checksum:    88642 2e821aab336d92fbf4463ec68d549df5\n\n  Big endian MIPS architecture:\n\n    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   269036 e0d614a89eb3c3f0d76c1c32efb658d1\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   383674 85999be5fb8483b01f78ef55432996d8\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   283268 960f5f05ae7fda8191e7c3a0470519d0\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   794896 15bc703842b5c086c0dc32a365e75ec9\n    http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   212428 6e245b0237e014fc807aae8a83765de9\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   200476 7f451738d1c701f31063eca4714a3e82\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   286068 5abe8c7d0b16a59be535313f4a8e5c41\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   178320 26290f78c879e2f18a917e4a0d594c83\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   180942 212958ccdb25420a7e8c85efb757419d\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   205778 62298420a535e5b9e334be552e02bfce\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   741164 dc4a231aa21b24592af81779a3f0e63a\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:  9875488 04e5abcf7f591272784c4e8a2de04600\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:  1448650 ef0aecd48a18d8c0328f8aed260a8056\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   291898 1d19096fdfda44903b79e0e907feafb5\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   914694 5cd35836ce90b31192da903fe74b9464\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   457170 75c30aaae65eac879b12d96746024b50\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   345484 61ae086ce3fe377c7ad719ac15bb0e81\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:  1053840 265f890d3f31f22adfe12929e6927d1a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   457082 dcdadb44978e3efd8d4de14b1bb1e779\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   253440 832c6d9c7c66d6f5de7c8e01627413aa\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   189378 ef74e7e76c3a466cfe4fc965762f618b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   519556 edf155ff90decb7a0faa5632b5a4cf4f\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   190660 86464457c3e108661887610e5ea83283\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   481658 4d02c7e8a59fc882c249abaecc9fb231\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   234346 48396e6b0a99add4cef783ac8a7aa4a2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   180312 7065ff48dd57fc4712290485943d1884\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:  1200778 8891af2a2b97901ba15daa436bc4a8be\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   229230 b57f350a0b45180482d4773b4d4906df\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   210238 f1d4dceb06755ff6eac535ead7b60e48\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   679006 ab2a5d9d9cf347380e6e8f404972b3a7\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   163800 0cb95c62798ce539733e1b6d5f4cd10d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   171894 3dbd7c7abdd64ee3cab8ab578c28a466\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   209482 61a6a45b5b9408f3bfe16d0ab2677e7d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   181812 9608b04167f37a788a8363f622038b3c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   178568 2643b6b2f300b44e9164920e90bc1e32\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   576458 dabd3f68c6c430a417eb265c04f97dc8\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   201004 53b5143cb8b95dd74f4c8c5394447c9e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   196860 85d7fedaf7f23cfa9f5b852d7c2cf804\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   246082 ac0e1f47165a1449ce01d6fcd99ba377\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   172422 51a54bcd72bbfef34fff324215046684\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   171978 098bb8fef374fd9cacf44fb196dd6a08\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   201692 a0e794a9a0f11782c2a1e2c063c907c6\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   658488 cd7fa7d1d143676db6f5b3c669ca2e90\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   337488 ec3a5b787c6ae945a8d4701894b6b47f\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:  1558432 b758c6ae00f6795c2e7612d2b6869427\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   188076 b6383e3e11a196f27b0ebfce5a1249e2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   180856 1b3e3fb923a6fed46dfd8a9a819808bb\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   411938 8ba6d09b8b594b964de932b10515a848\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   173122 cbb902e5f1004d524bf428ccbb476af7\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   175272 78ef33ef661531a62de80c9e02927a3d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   238884 15b59465dccda67bd09e4882848efd07\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   191990 068d261c0a9192bc379118779f04e730\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   172872 081f29507e3b42c5a947425a865d6ab8\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   204250 ded6fc6a4c13e4dca7a5fc897b95789e\n    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   183656 769f16754e841d2b3ede831430ee4d1b\n    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   279012 21e6d974d7bba679c7d0d297694eb6fe\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   158790 8091cd2ef7e411b310f45861e8588d52\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   158836 433eb908c505bc4abbf45420e3b82ca3\n    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:  2107564 43918ac8ead8b2af80800041bf871aa8\n    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   316422 c9f27358a4f5da75df8128109fbb43a5\n    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   543002 cbd4b467bba106c92b1558ced4bf8fe3\n    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   182624 8420f1c990880b012d9323d0a68d3628\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   283842 98edafc555cb17b7705e96a739f97594\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:  1205152 6ccc49b27787b426e41d30cd7344fff0\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   753068 25ce758d961646072a6738b691c16d0f\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   373414 5bda413e620bb7c40b30cd131af86938\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:  1144212 942d59d8482805825b108365bda78cfb\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   497118 379dc047cf057a4fb194eea11c9d3ca2\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   158590 cba4b0c3960a04583aa947eb3ec21aa2\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   933874 1e1331ba64cb1508c4db1df59ddbb9aa\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   406030 e03c389daa5f6be9c72eb63353ce9d72\n    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   239710 a99463cc6de040a91e2c3485a6ae9b95\n    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:  1737236 4268b1a0b2a4ca64811ce65a3ba07100\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   337538 989852b0a430daed12875e29a361622b\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:  4021462 de4bdda63e45d94a8132c2e94c252449\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum: 45540760 1f5b16eba5dc648b0ca7246db7a2d7ff\n    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   530278 1489eff24482171db1e388ca730595a2\n    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   983238 a32855e77f25c7e9e21aa96ae8a9d2cc\n    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:  1898580 582876c5ccae25dfd144bff7bbfc2e44\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_mips.deb\n      Size/MD5 checksum:   115348 423b0dcbd2bf60cdcd1dfecf1ca9e85f\n\n  Little endian MIPS architecture:\n\n    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   268714 b457217d19fd8fbc43666f54ee3b422d\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   383552 5d7b8a8f054a40610496c7b169a02bca\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   282270 3916d3d6ec212b8cf958aecf7283b697\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   784426 8f28ec91456ab0aa9c0fb585b27fac4e\n    http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   212428 28ad717314bacf8db05ae3d9ece564d4\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   200466 dd18ec438c8d6db747479b46253b8535\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   285224 025be5d014139ee126025ded5d029419\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   178230 185fd834949d9ec6c15e7df2de864d86\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   180626 b7750eedeb125264f01a77756e286d39\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   205458 7a79ee705eba1fb54f85e5038eb8f848\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   739610 b6d8d9a3ed6ffc39b11b76fdd5e79f4a\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:  9700772 302744dbd76e8b44a9d13a47cb612994\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:  1448742 398ee2c960b1655c3357c45ab4fa1c5b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   290434 a76f2678ec211948b0145199eb3a3b21\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   903856 0ef7e41798e292ab28d306a702e3b7fd\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   457676 5150db19a905714fb4ae3b84c7cf9895\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   344002 85c98ccc42151375b8cf1ac34adf0d88\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:  1041318 8355f472163d812e23d1a19b228a8871\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   457578 36228c60dfbf7761a288345c41e625de\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   253406 7e181529a011d49edb98d848c310ae7c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   189256 419ac92bdd97a369acb97492a734d582\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   511450 c7e564de37bf7b6ae446f0a4356834a9\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   190518 82c1bf1e8dce203b3fe4c9f8fb36fa55\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   474102 3d171945e9beddbd6da2b320bc658277\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   234434 38a1c3c1edb0c74305732e47911e7073\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   180340 48a789753e9e584c2f8a611eb00cebf2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:  1172822 4b9dd118b18567a2b9a6d70eddb2cf3c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   229446 ef7a8df51a89a84fe1a8e9255407a95e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   210292 1baf340db8decbb6797900b34ef01ae9\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   667708 80772935e2ff170fe06c8f0591d8ca69\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   163802 b288b0a03e674709d36f073e2f2aaabb\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   171858 03c3e449b387a91482d8b21e558c789b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   208910 52fc67c2845f34df0217cb67c305647b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   181866 37a8cd44a87026d32acc0df14da75c1c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   178588 7a195ed2a458db3d80f37e74c7132826\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   569302 4df5863188eea9c531fb34ba8c914620\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   201112 9b6e9c39d38d1177bef58eb540536657\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   196894 afcef91937f62b700897557f5b63d4a3\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   245904 7f24c0ca154a19aeead58088bd176293\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   172436 23d27469a84fa956caf3311f66911069\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   171948 16d85086518604e7c07479209543ba5f\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   201270 d4743d9d59253608e7fbf3732ad32bc0\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   658586 e4247b61d8dbbcc543c2f81ffd2c4f2c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   337020 f6e748c6108bb629db19d0f0b890d899\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:  1556268 1f22fb32d46cd7fcaa817e767ed63e60\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   188070 b134b00d3918725f076deb49a8315287\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   180752 2ed8865fbf082082b83d692f8b404911\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   409362 c060bc4bb1eefdae68faade8fc4d0e6d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   173228 c7a08401264d1f621dfd80876984c34d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   175314 9224ffb5723a2ee658ca751432781ce3\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   238006 2278377f71a0cf0e8214202a7c137b3f\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   192078 cdff976f851d9a639d546e17f9eb58e8\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   172872 89a7daed133f163b017cf4769fb72e90\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   203766 8425bd077cdbf5636ec9fa3a40899b34\n    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   183666 b1cf636c37dd8e9fd270cb46bdc1da1d\n    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   278418 5729538d364f4f5c8726f788443eb972\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   158788 fb6e373cc9fcf5f7e2ee4e97cb10a4fa\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   158836 3cce8809849b8dfb61f5ecc67afdf631\n    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:  2104034 acbbc4ba7176a4b6827fb183a2285c53\n    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   316226 bd2701e346c38ea1e280e4425fab0dc2\n    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   541750 a16b41e931f59e0c3ab64d0f3fe55591\n    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   182688 13077c7b948a560332188b139fa2b88f\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   280024 fb4d9a96e61c132dbc5da3b7784a973d\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:  1181102 b99aa55dba347f2a4a319fedac46bbb2\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   740438 be2c7a300dcbc8a5dacd51864f9b5be4\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   373234 7ea4c99de128c118ee62cb7a2360d47b\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:  1123652 f0f7eaef8ac9c91960474085f31a354b\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   498380 d46fc14c3ab96e6116e85720039c8bb8\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   158586 01acd9c9a697fda89a8000adc065aa4c\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   929694 4dd351958a4ec579a305e18b17dc6b79\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   405110 4a7c191e86ad082b1b9a2b16ba52c64c\n    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   239834 3a244ffb3637774c3a07cc33b4d742e9\n    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:  1734732 6014914b81a49f5d8210e2beec459785\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   337532 1b7712671ffa568c1ab87b9a893910cb\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:  4015554 6343b81312dc1b38035e449f291fc788\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum: 44830508 dc93444fc9f4fa33f7525463bb348516\n    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   528816 facf36f32b31a3c47511c50cf46cc5fe\n    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   972000 0b2178929d57a1967d588f928937874c\n    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:  1894746 74c426c412ffec5e16f485d18301ea08\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_mipsel.deb\n      Size/MD5 checksum:   110416 54d82d984ebe9e4b10e69b672c799cea\n\n  PowerPC architecture:\n\n    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   259230 4374f6ebc9200d2174341043c112e109\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   363334 160fc4f3333e6b709bba658d2178543e\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   296960 603c9c356c7301bbb3fa9916d1cb0ec7\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  1134504 cf85fbc14fbbc569c1a7a4ef3eeb4808\n    http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   209880 219329af51376127e05af35917a68735\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   204442 d1be96893430d198b15d594d56243a9f\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   404728 9d57cd3cf2d5b249e0cb57d5b30d95c6\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   178144 6cf6e6a63688c7a97e37c9474f3e152b\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   182676 56c556ab6b021879101dd701870f0d65\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   250214 661e49c5917779fbef900cd019df3247\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   739352 a3415710c7e7386754bfc8682cfa711d\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum: 15237950 e1fca6c4017a83a43ad693e5752cc807\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  1400632 bc1b20f4b7c5d3b77ae0aee63effdf57\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   288220 a55ad73354c9090fcf0d8a5cfb4799f4\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  1335508 683a85aa5049f6cc62fe568d5b75aee7\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   441158 7a73bd998d60d98474044473d7e1e4d8\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   343294 71f1eb94d8436bb899d8de6a32da8aea\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  1514616 f021b0e71a36cb05f70859140cd708cf\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   441080 aad05e6166ff256afe038261e77efe62\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   249610 761be7ee18d488fe34200d0dbbc67dac\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   190510 21e8c664853cf494476e67cb3441b53d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   724186 ca04220950d4a6182b19f8780a9dddde\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   192026 d3ddb6afd8406af0243609fd0d7dd8de\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   692830 1c8776ab048bbdd4a30e383cd1108e52\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   232648 62b9b0108d803f709ee26a68542fa3a1\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   181744 6f123ac1a4758926ec51709841b13724\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  1859126 e043d9aac0b66d62a620655a39ad97ed\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   225148 aea9393faf4b0edaa9103232aa248464\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   211792 137274f7b5d4883a35d6907f280e38b5\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  1007240 a635dc4740a9dfe704cc24877061c81c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   163706 b2b7794ed5fe042e0c31fcc0cfb2bfac\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   173614 493da0df5065a4da8158cbb17f36b697\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   235184 819d0cc95a1cbfa835a2ed4b7f786165\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   180726 45d11fe75c08934e876787f7036f318d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   180862 a30b2742d24be32833174a4a804ef6fa\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   832030 585c0fe336d9a51ddb9dc21768227226\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   198874 1294737db5224ab3296bfb9044e8832b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   198864 19acebc0a0478a55f99d2bd9f90498a6\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   464002 8842b1d84d667d0484b1a421780a63e0\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   171644 bd6629f9e652228fe66e9b0c391db4a0\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   173334 b0095bfe736254c0bc7b5c3909879ac1\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   221334 b1e3179f2ee6d3efe7cc26ed7da5d3b1\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   645354 f78947afb933be6a464bad4620abd8b2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   337340 1462471e8b2e55e967d37cb0dd5dcb7f\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  2248906 aa39c626a490e7443a4bc380f9773aa2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   186706 da779c8c5330d0407be8fdc8bb8173ee\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   182192 63d57f316755a6d883cea67ac975f639\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   553672 2582cf21609c1c49f2aa094513e6f4ab\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   171892 040e3f801d40a4ad1bd3a1571ddd5e1a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   176836 0e5e5ed5df4b61eb6f24ecffe9211206\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   279446 d3a872368f9df7580597389c17d978ae\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   191258 80fb2c1ad08d119ba23bcb3fcb16b1c3\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   174466 9be15db49e12d9c9cf4f749fef17e8d2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   225114 69f231b8328338e02f8da31394d8d5dc\n    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   184286 f7c882400c739e3599e75e321d5e5acb\n    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   272710 ab4cc869a57b10cb0950136905b8c48d\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   158788 3133edb2bd3a8df3a82a7807309249b1\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   158842 f39ce73aad052fc70749989b60d0072a\n    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  2112920 b63086522de7681a0082a78c5b041518\n    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   314958 8e52d4a60a0d1b437b06143a8e7993d1\n    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   508794 28d7b024adde446fb86c6ce2b1f858b4\n    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   182900 61d45fc72d6d420debb63987b059bdea\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  3083976 db3db557ea4f14e99e6a43e0fb800fa8\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum: 42024226 bc9a1a771374a9bb65beedf768629680\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   295876 9917c43004b8dd006f4b320bc351abcc\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  1904654 b5a2262a4e002e36278c656286efd8d6\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   734058 18a3ef403198404e9c682e7e797a3491\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   372376 1507f1c52e26c3fdf13edbfdce59f8b6\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  1613144 b01d825bab12e0e3c0f72774df57f51f\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   468614 eb933fd5af24f8771376e3acac3ef193\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   158594 8dd4211d7bb00d471443a02fe897b828\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   808074 d72affd1921fb02b1116143642f031f2\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   690206 e141cc451a8bce56da60b2217234b6a6\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  6682418 be6e6132529820193e66e1c55f007dd7\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   885710 ffc8c7adaead9e4f332442833065ec76\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   390178 ccda487d5599a7a8c15280214bd193ef\n    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   233004 57129736c7e23d01c991f2352001934f\n    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  1583670 2dcbdfc3cf2f7f3f2d59f50dba809362\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   337044 ead33998a914ae257d59cbb2845038b4\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  5796628 308e7e0b85001e7a3cbfd74c83bbd980\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum: 46807434 a9fe3ab81b63f9640709771ab32da4ac\n    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   515612 173f57fef319a3fcbf3ff2a7a9ba2e10\n    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   941398 df0360a7806665dcce1725cda3b5250c\n    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  1729414 6f361ae8c82eab376e14112caf563627\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_powerpc.deb\n      Size/MD5 checksum:   110844 bb75f25a0c723952e22c16528dac52a5\n\n  IBM S/390 architecture:\n\n    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   261016 b11576dfd58cb0b8610013fd1f77da5a\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   356334 c4c20e75114576c7d9dfea92ac735c9d\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   299618 ae63dc230ddf8380bb81ac03e84d9f2b\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   861914 142fce29993e744b67faf15c5acacd3a\n    http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   207434 7016c7027a54d8885db3ce2dc9d72bcf\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   205026 1b44e63a82180d29a5ab16a8c7de5a97\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   298232 d4cc2f1a791890214175b650173be0a4\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   179704 eb9f7b47856ab858a7aa7e9540e36ec0\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   183334 86b4707988a2a88b669148b0cc06c5cd\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   209198 ae8ba29733696b125f5099d121d1865d\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   754942 6c4b60bab9d918a7a67f6cc5972e6d78\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:  9935286 0cfd621c48007ab739925b97afe99459\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:  1385690 b5ec7f7b5a873a8bc6522ff58b006b5a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   301510 84e66c1848cc1884b260efc6429f557e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   950252 29c6d39aa6989a525debc31d71660cc1\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   434648 fc65b47658b425de6cb92b308e0318e3\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   358550 913c9e37290bc08cb7985d3a5e5360b8\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:  1105980 cc20687246cf71654c2fea70f969945d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   434536 f555cdc669c207a5f2af9f64c4dbf88e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   249950 e0e278d3653034caa1ad8114de8ce051\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   191178 9877b23f5a8fe9f632516e6cdab20a40\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   526646 e9e92e600aa1328cf692a412dc29d055\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   193812 47843986f43e46a087562dd1ae3a7c3d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   488660 c36397e3e28c3ed31eb1c270a5b31ed9\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   231170 7343c839b5db38cda03132a2e2f43fb2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   180112 d437359c6939bc126aca998a2e0a5670\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:  1197126 04fef360a0c48ea4cbd22b2275967f32\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   224326 e755b93bffaf5fb3d8c61633debcf667\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   214300 ba38e46a2c08f96758435687abc968ff\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   687194 fcc78e69f3a4bf1b53ae2aaaa0f7b1ef\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   164022 6bce2fe8f612b51469353c6a81f31777\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   172374 ed88c7ce6cbe8faa23d640b0c9261973\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   209892 58a5154d31b1b2d1345354b4ea289f3d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   180542 cd3659e44b98e761976991ec8aec1d2e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   180452 25765404e04171f9db00acbe1e1938e6\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   576880 78f5eb71aa6d98d757a8aa36609933e2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   197788 63e02d933765075fda0163cd5f7b2123\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   198936 05e480a70d1637cf60e4b7d769e377b4\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   257746 1178c8bbf47a3da072a01387e26e4f71\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   171692 ae1e7545c18dedb65276509b967c3b6b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   172282 597d3b175e028585a432a5ea7624f759\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   202484 00900f13039ad238178deca2edada9a6\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   636288 93c9d7742151efee83b417616042de6f\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   349560 79cc1771215735324036f28543edd6ad\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:  1593378 f94fcfc6add222a9bd061ed107d3a982\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   187768 50dcdcc21ba681a47770f76e5bbbd16c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   182564 eb1e3b990359bf9311fbe1b2bf5fdab9\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   413646 53e01dc86afc8d574656110369553b29\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   171496 c902c4ef1ae92f8249b1208063582796\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   175374 65f2f8042c3ba6d65db970a43bab4569\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   239804 88239fd56881a45d163b45744bfae4b6\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   191184 b0da17e90d1610eca0cb66845558ddbe\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   173304 a9ee19c5bbba5e3c05d7628a09dc759e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   205894 34a3d56b36366c1622cced5e3d03bfdd\n    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   183436 94608dfa5b08da618b55044e2ff2aa56\n    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   276620 cbe760c213039314b7a8bebda37cbc38\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   158780 87774e3c0e9a3351f1df7df951920105\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   158836 63971433e37d9e530322279eca61a28e\n    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:  1716176 cee79d4795b2c9c83b705ff494a74ea7\n    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   316906 c5b68def10170acf30c3ead53e5baa14\n    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   530022 4abc93320924d134665914f0b002ca61\n    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   182340 49bc884ea1d6989ecc1c5b8924c597d3\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   330914 b78dc9299d93f5c68e13bbba2e5b1171\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:  1310732 5d50f31cf6d71e5ae49ebf694089f12d\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   730954 4b30d4bd8f54ba04bc79474206d24c20\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   368744 1a3fcaa2b38ab320f2cf780ae2fbb756\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:  1203426 77382920ec77dcc0fdc2d2111c367466\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   438364 a8f9aa44229d2c9d67bfd9e6c53edf14\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   158592 c7351256cd10ca93167a8fa2c420d8ce\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   851034 4b4ed34eacdff567696a351769e91dec\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   354328 66b68028c1ea212b0bcffa74ea31e314\n    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   235068 1d03c6ed8c54744dfab467051f886891\n    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:  1623514 d2c8a17cc4ea76ce0ea782b5ed2fa6d0\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   337220 f0680427e0457e75dbcaa5824fdcfade\n    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   521820 058676242c82729a321b28c9258f869a\n    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   806406 b67e9bf1e1f71a3e39871efac1ef04ea\n    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:  1766784 c5d15916eee193f599fa851ee4efaacb\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_s390.deb\n      Size/MD5 checksum:   112154 a2dfc1a42c434f2903ec9be068e12e30\n\n  Sun Sparc architecture:\n\n    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   251120 6a6c6f03b37e811ae195469e72c6e38d\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   344048 8ba999289d750ba4ee049ed606ce7ebc\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   285098 013a125bd422e828d5f7b4b7caf2befe\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   786826 23029fee14ae423f4a01757a7556f40f\n    http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   206034 e5bfb0235acab95832126c426d4daa22\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   200282 6d51ad473754375427be266be139cf4d\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   283484 64378cbd6be7aeb6788f01da7cde5378\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   176924 90574aacc859e31a6835efde2c649563\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   180862 a148c29afba10d5e75403dea33ddea9d\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   204844 6885ec3fcb260cd54c3b10d1a6b80e3e\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   711862 05c681c1d9aa606692192546991dc4c8\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:  9810500 96f9b7f647481a3a8cb07f3e589614b0\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:  1365910 cea371314adc8346bc04d55145bf7132\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   279718 c8759a8f7ba115ae15dad96e66ff3d70\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   892056 f15e34ed247caeeade4397859e8c045e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   417428 ddd304994c35f2b11434cc57678b6200\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   331668 aa8c142b8af774f3fe2b1a9f9afe5336\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:  1026356 1e8d84afa56fa5a61685ff0b641774e5\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   417338 7ade24d52608d946c225e5c4be803c3d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   247482 2d0dc48c46f5c0aaebedfd207699b801\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   187792 1d819fcd2fb687bbe116b6727326daac\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   516558 8c7179f7202d40a5f60dfcddd9cced06\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   189846 bcc85d36bd7863444a561d6d0d7bc1bf\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   478100 b381fe292a9fcb3aff5f54a3730c82ab\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   230528 d0e74daf0645f7a4d9e88988b4110f5a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   178522 f797684b630c7b94837dfc064da221aa\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:  1198574 a3fc69e423818ceb83036878952064af\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   219068 dac8cd1cd25927ab8ba3adb5b3c13d45\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   208188 e99b887c7a5210693174ea0453c4a095\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   673178 f8a305fff41a8fd3560ba9620d68a0cf\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   163184 1ef9674f59e1d452b3b375e3f6cc6ba4\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   171726 a42c22e71c8f79ad852b59c8833b5480\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   208980 ee24eb25da955b1b835f4acad6029188\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   178962 fd22df9f1110413451eda040cf3d4215\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   177550 05f9333009b40b16a56a655261c4569e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   573766 fc89bff55941f16ba246471874de95bf\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   194160 e16fe3bc639b204b7121cb63fdb45558\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   195154 bc337cf9957de401de6ba90a6222f94d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   241360 9918a8f85df0c41a4d3ada958d916644\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   171148 bc8aad869f6c663b43a0aef73dc8019b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   171376 0c7a75d8c7993858930cac664d7482a6\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   200530 e4349aa63bd0681cf66fb531bda10396\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   627184 f4b4c4b5834940321c5fd95a2279e12d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   330450 b93c2dfbebc8a8fcc2713e89ecda986c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:  1533278 46825c4c0c5d393de98774b47e719cd0\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   184926 46b30fe844b4c08a24b868d63dd3bd58\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   179508 1eaf0ae4cf87d5ff00b361e9a1cb6f38\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   410236 3564a0b2686f28cfe597c1cf97405627\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   170444 ccbcb0f2850701bfc6321c674a8b8ce6\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   174218 e5494fbdb588d2691c253c98d977ce4e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   237016 4260166015dd5ecf364af96fca04ecbb\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   190284 337d228e15acf2a7cf83026ba3b4bd4e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   172002 6e0d484b45388a3f9e0265831750fbf4\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   202836 43787cf76647ccd5cbd7b9197d6b420f\n    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   181708 027d176b8b89cf2eecef08b3fa4b90be\n    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   268224 12152b5bab3f6cce61aa19f9e05941ef\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   158632 68eda17dfb6d5846a93627748b1ad4cf\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   158686 ec54e69cd4c1c82c623cc53978b22dd7\n    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:  1934896 77a1064998455a2cc1c384ae8fdcce29\n    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   307792 b181b2bdc84e8916e60676c8804d5173\n    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   498726 08f1f092d52d0f0faea072db99079d0e\n    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   180478 909f79a3f4a4302fb52cdb4f625de32c\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   706072 7bf7c05cbffb036433ec24a9f5006a77\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:  5583652 c58b16c2d860523368c0ee4624be4803\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   287114 01850d1ca580b4dfb0608f39306a4b91\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:  1253294 76575b58b1cb40b6c3f060b7c07412c2\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   706766 97f87cc7b482596307e4b95b34c38f2a\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   357804 a38bb604c839d14ec09d2cf74e781e64\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:  1110290 4fc9f2978c422f6771bea6531eaa106f\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   442180 5652768f439246c9e1c5ad68e1335520\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   158438 8c25fb31872381acd35354f91317c5a4\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   823038 85b8ebe6d2e4d633c6dab56666ce2f78\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   695786 0152e635b45f6c6878038ec796dc7cc4\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:  4596090 9318bd03402aff608c7cb1993a50fb90\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   863010 5d7a9b2b939bebd52b450235569449ac\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   387526 0db93eab07feae51dc80ec0f785bfd66\n    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   226286 bca8e3ba1abc54e535fc51e791ee23fb\n    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:  1494844 492ef231edac7bf67969b425f325e095\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   336664 e6c981e1ebbba26892ab43b94e195c07\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:  5432244 6fb260dc0ce16280a897fb71143a5c16\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum: 49725120 2cdd446c60eebcac976c770de31b696f\n    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   508648 d2db70e93fa1a20b801869c2146770f9\n    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   920670 62b75897a9f1ef8fa41c4877615ea585\n    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:  1626640 263daaa71644ff219841c835ca8c5f2b\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_sparc.deb\n      Size/MD5 checksum:   101352 197681c30bb451093563cb9d9d380fcd\n\n  These files will probably be moved into the stable distribution on\n  its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.6 (GNU/Linux)\n\niD8DBQFGTMcnXm3vHE4uyloRAgwxAJ0ZNbdHNKMDBslDB+PDH+4REkBUIgCgqChe\ncG20nrUmt0Lbb++Dmcukkyo=\n=uFfR\n-----END PGP SIGNATURE-----\n\n\n\n\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-1352"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000253"
      },
      {
        "db": "BID",
        "id": "23283"
      },
      {
        "db": "VULHUB",
        "id": "VHN-24714"
      },
      {
        "db": "VULMON",
        "id": "CVE-2007-1352"
      },
      {
        "db": "PACKETSTORM",
        "id": "56596"
      },
      {
        "db": "PACKETSTORM",
        "id": "55839"
      },
      {
        "db": "PACKETSTORM",
        "id": "53898"
      },
      {
        "db": "PACKETSTORM",
        "id": "55599"
      },
      {
        "db": "PACKETSTORM",
        "id": "55597"
      },
      {
        "db": "PACKETSTORM",
        "id": "55672"
      },
      {
        "db": "PACKETSTORM",
        "id": "56851"
      }
    ],
    "trust": 2.7
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-24714",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-24714"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2007-1352",
        "trust": 3.5
      },
      {
        "db": "BID",
        "id": "23283",
        "trust": 2.9
      },
      {
        "db": "SECUNIA",
        "id": "24741",
        "trust": 2.6
      },
      {
        "db": "SECTRACK",
        "id": "1017857",
        "trust": 2.5
      },
      {
        "db": "SECUNIA",
        "id": "24770",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "24791",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "25006",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "25195",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "24765",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "25305",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "25216",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "24756",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "24771",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "25004",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "24758",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "24772",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "33937",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "24745",
        "trust": 1.8
      },
      {
        "db": "BID",
        "id": "23300",
        "trust": 1.8
      },
      {
        "db": "VUPEN",
        "id": "ADV-2007-1217",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2007-1548",
        "trust": 1.7
      },
      {
        "db": "XF",
        "id": "33419",
        "trust": 1.4
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000253",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200704-099",
        "trust": 0.7
      },
      {
        "db": "MANDRIVA",
        "id": "MDKSA-2007:080",
        "trust": 0.6
      },
      {
        "db": "MANDRIVA",
        "id": "MDKSA-2007:079",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20070405 FLEA-2007-0009-1: XORG-X11 FREETYPE",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20070404 RPSA-2007-0065-1 FREETYPE XORG-X11 XORG-X11-FONTS XORG-X11-TOOLS XORG-X11-XFS",
        "trust": 0.6
      },
      {
        "db": "OPENBSD",
        "id": "[3.9] 021: SECURITY FIX: APRIL 4, 2007",
        "trust": 0.6
      },
      {
        "db": "OPENBSD",
        "id": "[4.0] 011: SECURITY FIX: APRIL 4, 2007",
        "trust": 0.6
      },
      {
        "db": "IDEFENSE",
        "id": "20070403 MULTIPLE VENDOR X SERVER FONTS.DIR FILE PARSING INTEGER OVERFLOW VULNERABILITY",
        "trust": 0.6
      },
      {
        "db": "DEBIAN",
        "id": "DSA-1294",
        "trust": 0.6
      },
      {
        "db": "GENTOO",
        "id": "GLSA-200705-10",
        "trust": 0.6
      },
      {
        "db": "REDHAT",
        "id": "RHSA-2007:0125",
        "trust": 0.6
      },
      {
        "db": "REDHAT",
        "id": "RHSA-2007:0132",
        "trust": 0.6
      },
      {
        "db": "REDHAT",
        "id": "RHSA-2007:0126",
        "trust": 0.6
      },
      {
        "db": "APPLE",
        "id": "APPLE-SA-2009-02-12",
        "trust": 0.6
      },
      {
        "db": "APPLE",
        "id": "APPLE-SA-2007-11-14",
        "trust": 0.6
      },
      {
        "db": "UBUNTU",
        "id": "USN-448-1",
        "trust": 0.6
      },
      {
        "db": "SUNALERT",
        "id": "102886",
        "trust": 0.6
      },
      {
        "db": "SUSE",
        "id": "SUSE-SA:2007:027",
        "trust": 0.6
      },
      {
        "db": "MLIST",
        "id": "[XORG-ANNOUNCE] 20070403 VARIOUS INTEGER OVERFLOW VULNERABILITES IN XSERVER, LIBX11 AND LIBXFONT",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "55599",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-24714",
        "trust": 0.1
      },
      {
        "db": "VUPEN",
        "id": "2007/1217",
        "trust": 0.1
      },
      {
        "db": "VUPEN",
        "id": "2007/1548",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2007-1352",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "56596",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "55839",
        "trust": 0.1
      },
      {
        "db": "SECUNIA",
        "id": "23858",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "53898",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "55597",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "55672",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "56851",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-24714"
      },
      {
        "db": "VULMON",
        "id": "CVE-2007-1352"
      },
      {
        "db": "BID",
        "id": "23283"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000253"
      },
      {
        "db": "PACKETSTORM",
        "id": "56596"
      },
      {
        "db": "PACKETSTORM",
        "id": "55839"
      },
      {
        "db": "PACKETSTORM",
        "id": "53898"
      },
      {
        "db": "PACKETSTORM",
        "id": "55599"
      },
      {
        "db": "PACKETSTORM",
        "id": "55597"
      },
      {
        "db": "PACKETSTORM",
        "id": "55672"
      },
      {
        "db": "PACKETSTORM",
        "id": "56851"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200704-099"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1352"
      }
    ]
  },
  "id": "VAR-200704-0229",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-24714"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-07-23T21:05:01.347000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "TA25078",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ta25078?viewlocale=en_us"
      },
      {
        "title": "HT3438",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht3438"
      },
      {
        "title": "TA25078",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ta25078?viewlocale=ja_jp"
      },
      {
        "title": "HT3438",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht3438?viewlocale=ja_jp"
      },
      {
        "title": "XFree86 (V2.x)",
        "trust": 0.8,
        "url": "http://www.miraclelinux.com/support/update/list.php?errata_id=980"
      },
      {
        "title": "xorg-x11 (V4.0)",
        "trust": 0.8,
        "url": "http://www.miraclelinux.com/support/update/list.php?errata_id=998"
      },
      {
        "title": "XFree86 (V3.0)",
        "trust": 0.8,
        "url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1005"
      },
      {
        "title": "RHSA-2007:0126",
        "trust": 0.8,
        "url": "https://rhn.redhat.com/errata/rhsa-2007-0126.html"
      },
      {
        "title": "RHSA-2007:0132",
        "trust": 0.8,
        "url": "https://rhn.redhat.com/errata/rhsa-2007-0132.html"
      },
      {
        "title": "RHSA-2007:0125",
        "trust": 0.8,
        "url": "https://rhn.redhat.com/errata/rhsa-2007-0125.html"
      },
      {
        "title": "102886",
        "trust": 0.8,
        "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
      },
      {
        "title": "102886",
        "trust": 0.8,
        "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-3"
      },
      {
        "title": "FreeType 2.3.3",
        "trust": 0.8,
        "url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=498954"
      },
      {
        "title": "TLSA-2007-26",
        "trust": 0.8,
        "url": "http://www.turbolinux.com/security/2007/tlsa-2007-26.txt"
      },
      {
        "title": "various integer overflow vulnerabilites in xserver, libX11 and libXfont",
        "trust": 0.8,
        "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-april/000286.html"
      },
      {
        "title": "XFree86 4.6.99.21 (7 April 2007)",
        "trust": 0.8,
        "url": "ftp://ftp.xfree86.org/pub/xfree86/develsnaps/changelog-4.6.99.21.txt"
      },
      {
        "title": "RHSA-2007:0125",
        "trust": 0.8,
        "url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2007-0125j.html"
      },
      {
        "title": "RHSA-2007:0126",
        "trust": 0.8,
        "url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2007-0126j.html"
      },
      {
        "title": "RHSA-2007:0132",
        "trust": 0.8,
        "url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2007-0132j.html"
      },
      {
        "title": "TLSA-2007-26",
        "trust": 0.8,
        "url": "http://www.turbolinux.co.jp/security/2007/tlsa-2007-26j.txt"
      },
      {
        "title": "Ubuntu Security Notice: freetype, libxfont, xorg, xorg-server vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-448-1"
      },
      {
        "title": "Debian Security Advisories: DSA-1294-1 xfree86 -- several vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=be53ababa489c9b6bdb9d0399332f169"
      },
      {
        "title": "VMware Security Advisories: Updated Service Console packages (XFree86, UP and SMP kernels, Kerberos libraries) resolve security issues.",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=583d15c673c91b6620d123d9baa3e726"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2007-1352"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000253"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-1352"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.6,
        "url": "http://www.securityfocus.com/bid/23283"
      },
      {
        "trust": 2.6,
        "url": "http://www.securitytracker.com/id?1017857"
      },
      {
        "trust": 2.1,
        "url": "http://support.avaya.com/elmodocs2/security/asa-2007-178.htm"
      },
      {
        "trust": 2.1,
        "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502"
      },
      {
        "trust": 2.1,
        "url": "http://www.openbsd.org/errata39.html#021_xorg"
      },
      {
        "trust": 2.1,
        "url": "http://www.openbsd.org/errata40.html#011_xorg"
      },
      {
        "trust": 2.1,
        "url": "http://rhn.redhat.com/errata/rhsa-2007-0125.html"
      },
      {
        "trust": 2.1,
        "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
      },
      {
        "trust": 1.9,
        "url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
      },
      {
        "trust": 1.8,
        "url": "http://lists.apple.com/archives/security-announce/2007/nov/msg00003.html"
      },
      {
        "trust": 1.8,
        "url": "http://lists.apple.com/archives/security-announce/2009/feb/msg00000.html"
      },
      {
        "trust": 1.8,
        "url": "http://www.securityfocus.com/bid/23300"
      },
      {
        "trust": 1.8,
        "url": "http://issues.foresightlinux.org/browse/fl-223"
      },
      {
        "trust": 1.8,
        "url": "http://support.apple.com/kb/ht3438"
      },
      {
        "trust": 1.8,
        "url": "https://issues.rpath.com/browse/rpl-1213"
      },
      {
        "trust": 1.8,
        "url": "http://www.debian.org/security/2007/dsa-1294"
      },
      {
        "trust": 1.8,
        "url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:079"
      },
      {
        "trust": 1.8,
        "url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:080"
      },
      {
        "trust": 1.8,
        "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-april/000286.html"
      },
      {
        "trust": 1.8,
        "url": "http://www.redhat.com/support/errata/rhsa-2007-0126.html"
      },
      {
        "trust": 1.8,
        "url": "http://www.redhat.com/support/errata/rhsa-2007-0132.html"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/24741"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/24745"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/24756"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/24758"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/24765"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/24770"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/24771"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/24772"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/24791"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/25004"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/25006"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/25195"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/25216"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/25305"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/33937"
      },
      {
        "trust": 1.8,
        "url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
      },
      {
        "trust": 1.8,
        "url": "http://www.ubuntu.com/usn/usn-448-1"
      },
      {
        "trust": 1.4,
        "url": "http://www.frsirt.com/english/advisories/2007/1217"
      },
      {
        "trust": 1.4,
        "url": "http://xforce.iss.net/xforce/xfdb/33419"
      },
      {
        "trust": 1.2,
        "url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
      },
      {
        "trust": 1.2,
        "url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
      },
      {
        "trust": 1.2,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10523"
      },
      {
        "trust": 1.2,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a13243"
      },
      {
        "trust": 1.2,
        "url": "http://www.vupen.com/english/advisories/2007/1217"
      },
      {
        "trust": 1.2,
        "url": "http://www.vupen.com/english/advisories/2007/1548"
      },
      {
        "trust": 1.2,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419"
      },
      {
        "trust": 1.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1352"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-1352"
      },
      {
        "trust": 0.8,
        "url": "http://secunia.com/advisories/24741/"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-1352"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/464816/100/0/threaded"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/464686/100/0/threaded"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2007/1548"
      },
      {
        "trust": 0.6,
        "url": "http://frontal2.mandriva.com/security/advisories?name=mdksa-2007:080"
      },
      {
        "trust": 0.6,
        "url": "http://frontal2.mandriva.com/security/"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-1003"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-1351"
      },
      {
        "trust": 0.3,
        "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=234058"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/safari/download/"
      },
      {
        "trust": 0.3,
        "url": "http://www.x.org"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/491868"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/464694"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/464664"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/469068"
      },
      {
        "trust": 0.3,
        "url": "http://support.avaya.com/elmodocs2/security/asa-2007-141.htm"
      },
      {
        "trust": 0.3,
        "url": "http://support.avaya.com/elmodocs2/security/asa-2007-167.htm"
      },
      {
        "trust": 0.3,
        "url": "http://support.avaya.com/elmodocs2/security/asa-2007-193.htm"
      },
      {
        "trust": 0.3,
        "url": "http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00051.html"
      },
      {
        "trust": 0.3,
        "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501"
      },
      {
        "trust": 0.3,
        "url": "http://rhn.redhat.com/errata/rhsa-2007-0126.html"
      },
      {
        "trust": 0.3,
        "url": "http://rhn.redhat.com/errata/rhsa-2007-0132.html"
      },
      {
        "trust": 0.3,
        "url": "http://rhn.redhat.com/errata/rhsa-2007-0150.html"
      },
      {
        "trust": 0.3,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1351"
      },
      {
        "trust": 0.3,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1003"
      },
      {
        "trust": 0.3,
        "url": "http://secunia.com/"
      },
      {
        "trust": 0.3,
        "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
      },
      {
        "trust": 0.2,
        "url": "http://www.mandriva.com/security/"
      },
      {
        "trust": 0.2,
        "url": "http://www.mandriva.com/security/advisories"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/.html"
      },
      {
        "trust": 0.1,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=13015"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/448-1/"
      },
      {
        "trust": 0.1,
        "url": "http://bugs.gentoo.org."
      },
      {
        "trust": 0.1,
        "url": "http://creativecommons.org/licenses/by-sa/2.5"
      },
      {
        "trust": 0.1,
        "url": "http://security.gentoo.org/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/23858/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/software_inspector/"
      },
      {
        "trust": 0.1,
        "url": "http://www.redhat.com/archives/fedora-devel-list/2007-january/msg01277.html"
      },
      {
        "trust": 0.1,
        "url": "https://www.redhat.com/archives/pam-list/2007-january/msg00017.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/1701/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/),"
      },
      {
        "trust": 0.1,
        "url": "http://labs.idefense.com/"
      },
      {
        "trust": 0.1,
        "url": "http://labs.idefense.com/intelligence/vulnerabilities/"
      },
      {
        "trust": 0.1,
        "url": "http://en.wikipedia.org/wiki/x_window_system"
      },
      {
        "trust": 0.1,
        "url": "http://labs.idefense.com/methodology/vulnerability/vcp.php"
      },
      {
        "trust": 0.1,
        "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-april/0286.html"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-kbd_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-wacom_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xvfb_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.2.1-5ubuntu0.1_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.0.2-0ubuntu10.6_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-dbg_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-digitaledge_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-fbdev_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.2.1-5ubuntu0.1_sparc.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_0.99.0+cvs.20050909-1.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-common_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-hyperpen_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-trident_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glint_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sis_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-spaceorb_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xorg_6.8.2.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-tek4957_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ark_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-core_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-siliconmotion_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3virge_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-summa_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-void_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-fpit_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-v4l_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.3_sparc.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xbase-clients_6.8.2-77.3_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-core_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-chips_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-calcomp_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.2.0-0ubuntu3.1_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10-1ubuntu2.3.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7-2.4ubuntu1.3.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sis_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-imstt_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-suncg6_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.0.0-0ubuntu3.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-suntcx_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.0.0-0ubuntu3.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xutils_6.8.2-77.3_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-v4l_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-rendition_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7-2.4ubuntu1.3.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dmc_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xorg_6.8.2-77.3.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mouse_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.2.1-5ubuntu0.1_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.2.0-0ubuntu3.1_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.2.1-5ubuntu0.1_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-palmax_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-wacom_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.2.0-0ubuntu3.1_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-fpit_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs_6.8.2-77.3_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-aiptek_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dmc_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-citron_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vga_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.2.0-0ubuntu3.1.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xserver-xephyr_1.1.1-0ubuntu12.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-v4l_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-acecad_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tdfx_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-apm_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.0.0.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.0.2-0ubuntu10.6_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_0.99.0+cvs.20050909-1.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-core_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.1.1-0ubuntu12.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdmx_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.2.1-5ubuntu0.1_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-apm_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.1.1-0ubuntu12.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.1.1-0ubuntu12.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cirrus_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xserver-xephyr_1.1.1-0ubuntu12.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nv_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mouse_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-aiptek_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.3_powerpc.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glide_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ati_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-trident_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nv_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mouse_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nv_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-mga_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mutouch_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-fpit_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.0.2-0ubuntu10.6_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.2.1-5ubuntu0.1_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_0.99.0+cvs.20050909.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.2.1-5ubuntu0.1_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-summa_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-void_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.2.1-5ubuntu0.1_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-tek4957_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vga_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.0.2-0ubuntu10.6_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.1.1-0ubuntu12.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xnest_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-wacom_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-data_6.8.2-77.3_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.0.2-0ubuntu10.6_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.0.2-0ubuntu10.6_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.0.0-0ubuntu3.3.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_0.99.0+cvs.20050909-1.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ark_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3virge_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.2.1.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.0.2-0ubuntu10.6_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_0.99.0+cvs.20050909-1.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.1.1-0ubuntu12.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.2.0-0ubuntu3.1_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-magellan_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ati_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-mga_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-acecad_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.1.1-0ubuntu12.2.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dmc_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-chips_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-wacom_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ati_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-savage_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdmx_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tseng_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-chips_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.3_powerpc.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.0.2-0ubuntu10.6.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-elographics_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vga_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-rendition_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-spaceorb_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_0.99.0+cvs.20050909-1.3.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-kbd_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.1.1-0ubuntu12.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.2.0-0ubuntu3.1_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.2.0-0ubuntu3.1_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.3_i386.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nsc_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-core_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.2.1-5ubuntu0.1_i386.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.0.2-0ubuntu10.6_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.2.0-0ubuntu3.1_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-suncg3_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-rendition_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-common_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.0.0-0ubuntu3.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-dev_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-dbg_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.0.2-0ubuntu10.6_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_0.99.0+cvs.20050909-1.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-aiptek_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-fpit_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.1.1-0ubuntu12.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i128_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-neomagic_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.0.2-0ubuntu10.6_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-tek4957_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sunbw2_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-savage_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.2.1-5ubuntu0.1_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i810_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.1.1-0ubuntu12.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-common_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-calcomp_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-neomagic_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vga_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-citron_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-hyperpen_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-imstt_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-kbd_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-dev_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sunffb_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-void_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-spaceorb_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xvfb_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.0.2-0ubuntu10.6_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mutouch_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-dbg_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tdfx_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xserver-xephyr_1.1.1-0ubuntu12.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-dbg_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.1.1-0ubuntu12.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-trident_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-acecad_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glint_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-dev_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-pic_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.0.2-0ubuntu10.6_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.1.1-0ubuntu12.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.1.1-0ubuntu12.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tga_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.0.2-0ubuntu10.6_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.2.0-0ubuntu3.1.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tdfx_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.2.0-0ubuntu3.1_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nv_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-kbd_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glint_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.2.1-5ubuntu0.1_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i128_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_0.99.0+cvs.20050909-1.3.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-calcomp_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.0.0-0ubuntu3.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-fbdev_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xorg-common_6.8.2-77.3_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ark_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xnest_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-newport_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-common_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-siliconmotion_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mutouch_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-calcomp_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.0.2-0ubuntu10.6_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xorg_6.8.2-77.3.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-core_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-newport_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-magellan_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.3_i386.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.0.2-0ubuntu10.6_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-citron_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dynapro_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-pic_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.0.2-0ubuntu10.6.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.2.0.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.2.0-0ubuntu3.1_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdmx_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-hyperpen_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i740_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.0.0-0ubuntu3.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.0.0-0ubuntu3.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.1.1.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.1.1-0ubuntu12.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-hyperpen_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-microtouch_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-trident_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-dev_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.2.0-0ubuntu3.1_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.1.1-0ubuntu12.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.2.1-5ubuntu0.1_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vesa_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tdfx_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-summa_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i740_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xvfb_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ati_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vmware_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-tek4957_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.1.1-0ubuntu12.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-digitaledge_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-fbdev_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_0.99.0+cvs.20050909-1.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.0.2-0ubuntu10.6_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.0.0-0ubuntu3.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i128_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tga_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.0.0-0ubuntu3.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3virge_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-v4l_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.3_amd64.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-imstt_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-void_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_0.99.0+cvs.20050909-1.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-mga_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.2.1-5ubuntu0.1_amd64.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.0.0-0ubuntu3.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-penmount_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-dev_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.3_sparc.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.1.1-0ubuntu12.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.0.2.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-suncg14_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-penmount_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.0.0-0ubuntu3.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mouse_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.0.2-0ubuntu10.6_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.1.1-0ubuntu12.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sis_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.0.2-0ubuntu10.6_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-penmount_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.1.1-0ubuntu12.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xnest_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-digitaledge_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.0.2-0ubuntu10.6_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-microtouch_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dynapro_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cyrix_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-aiptek_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.0.2-0ubuntu10.6_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-palmax_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-elographics_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_0.99.0+cvs.20050909-1.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i810_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10-1ubuntu2.3.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-via_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_0.99.0+cvs.20050909-1.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-magellan_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.2.1-5ubuntu0.1_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.1.1-0ubuntu12.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.2.1-5ubuntu0.1.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_0.99.0+cvs.20050909-1.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.1.1-0ubuntu12.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-citron_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xserver-xephyr_1.1.1-0ubuntu12.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.0.2-0ubuntu10.6_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dynapro_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.0.0-0ubuntu3.3.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-dev_6.8.2-77.3_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-microtouch_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-dev_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-palmax_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cirrus_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-spaceorb_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-siliconmotion_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-chips_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-dummy_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.1.1-0ubuntu12.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-summa_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-dev_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sunleo_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-core_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.1.1-0ubuntu12.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-dev_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.2.1-5ubuntu0.1_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cyrix_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-dummy_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-pic_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-palmax_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.2.1-5ubuntu0.1_powerpc.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.2.1-5ubuntu0.1.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cirrus_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-dummy_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vesa_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.0.0-0ubuntu3.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dynapro_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-neomagic_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.2.0-0ubuntu3.1_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-savage_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_0.99.0+cvs.20050909-1.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xvfb_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mutouch_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdmx_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.1.1-0ubuntu12.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-penmount_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-fbdev_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-magellan_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-elographics_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.0.2-0ubuntu10.6_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tga_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_0.99.0+cvs.20050909-1.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.1.1-0ubuntu12.2.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-apm_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tseng_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glint_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-digitaledge_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.0.2-0ubuntu10.6_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vmware_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.3_amd64.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.1.1-0ubuntu12.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3virge_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.1.1-0ubuntu12.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-elographics_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.2.0-0ubuntu3.1_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.0.0-0ubuntu3.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-core_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-core_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vesa_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dmc_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-pic_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-mga_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xnest_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.0.2-0ubuntu10.6_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-savage_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-microtouch_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-acecad_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfonts-scalable_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfonts-cyrillic_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://www.debian.org/security/"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-data_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi-transcoded_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-1667"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/pm-dev_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://packages.debian.org/\u003cpkg\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://www.debian.org/security/faq"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi-transcoded_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1-14sarge4.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base-transcoded_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-dev_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1-14sarge4.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfree86-common_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xspecs_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-24714"
      },
      {
        "db": "VULMON",
        "id": "CVE-2007-1352"
      },
      {
        "db": "BID",
        "id": "23283"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000253"
      },
      {
        "db": "PACKETSTORM",
        "id": "56596"
      },
      {
        "db": "PACKETSTORM",
        "id": "55839"
      },
      {
        "db": "PACKETSTORM",
        "id": "53898"
      },
      {
        "db": "PACKETSTORM",
        "id": "55599"
      },
      {
        "db": "PACKETSTORM",
        "id": "55597"
      },
      {
        "db": "PACKETSTORM",
        "id": "55672"
      },
      {
        "db": "PACKETSTORM",
        "id": "56851"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200704-099"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1352"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-24714"
      },
      {
        "db": "VULMON",
        "id": "CVE-2007-1352"
      },
      {
        "db": "BID",
        "id": "23283"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000253"
      },
      {
        "db": "PACKETSTORM",
        "id": "56596"
      },
      {
        "db": "PACKETSTORM",
        "id": "55839"
      },
      {
        "db": "PACKETSTORM",
        "id": "53898"
      },
      {
        "db": "PACKETSTORM",
        "id": "55599"
      },
      {
        "db": "PACKETSTORM",
        "id": "55597"
      },
      {
        "db": "PACKETSTORM",
        "id": "55672"
      },
      {
        "db": "PACKETSTORM",
        "id": "56851"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200704-099"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1352"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2007-04-06T00:00:00",
        "db": "VULHUB",
        "id": "VHN-24714"
      },
      {
        "date": "2007-04-06T00:00:00",
        "db": "VULMON",
        "id": "CVE-2007-1352"
      },
      {
        "date": "2007-04-03T00:00:00",
        "db": "BID",
        "id": "23283"
      },
      {
        "date": "2007-05-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-000253"
      },
      {
        "date": "2007-05-10T00:58:06",
        "db": "PACKETSTORM",
        "id": "56596"
      },
      {
        "date": "2007-04-11T04:58:06",
        "db": "PACKETSTORM",
        "id": "55839"
      },
      {
        "date": "2007-01-27T01:46:45",
        "db": "PACKETSTORM",
        "id": "53898"
      },
      {
        "date": "2007-04-05T00:59:16",
        "db": "PACKETSTORM",
        "id": "55599"
      },
      {
        "date": "2007-04-05T00:54:35",
        "db": "PACKETSTORM",
        "id": "55597"
      },
      {
        "date": "2007-04-05T06:50:16",
        "db": "PACKETSTORM",
        "id": "55672"
      },
      {
        "date": "2007-05-21T03:53:03",
        "db": "PACKETSTORM",
        "id": "56851"
      },
      {
        "date": "2007-04-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200704-099"
      },
      {
        "date": "2007-04-06T01:19:00",
        "db": "NVD",
        "id": "CVE-2007-1352"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-16T00:00:00",
        "db": "VULHUB",
        "id": "VHN-24714"
      },
      {
        "date": "2018-10-16T00:00:00",
        "db": "VULMON",
        "id": "CVE-2007-1352"
      },
      {
        "date": "2008-05-09T18:15:00",
        "db": "BID",
        "id": "23283"
      },
      {
        "date": "2009-03-12T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-000253"
      },
      {
        "date": "2009-08-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200704-099"
      },
      {
        "date": "2018-10-16T16:38:09.313000",
        "db": "NVD",
        "id": "CVE-2007-1352"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "23283"
      },
      {
        "db": "PACKETSTORM",
        "id": "56596"
      },
      {
        "db": "PACKETSTORM",
        "id": "55839"
      },
      {
        "db": "PACKETSTORM",
        "id": "55599"
      },
      {
        "db": "PACKETSTORM",
        "id": "55672"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "X.Org and  XFree86 libfont of  FontFileInitTable() Integer overflow vulnerability in functions",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000253"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Boundary Condition Error",
    "sources": [
      {
        "db": "BID",
        "id": "23283"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200704-099"
      }
    ],
    "trust": 0.9
  }
}

var-200704-0737
Vulnerability from variot

Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow. FreeType is prone to a local integer-overflow vulnerability because it fails to adequately bounds-check user-supplied input. An attacker can exploit this vulnerability to execute arbitrary code with superuser privileges. Failed exploit attempts will likely cause denial-of-service conditions. This BID has been retired because it is a duplicate of BID 23283. X.Org is an official reference implementation of the X Window System operated by the X.Org Foundation. It is an open source free software. If the specially-made font information specifies more than 1,073,741,824 (2 to the 30th power) unit number in the first line, it may trigger a heap overflow.

Debian 4.0 (stable)


Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200705-10


                                        http://security.gentoo.org/

Severity: High Title: LibXfont, TightVNC: Multiple vulnerabilities Date: May 08, 2007 Bugs: #172575, #174200 ID: 200705-10


Synopsis

Multiple vulnerabilities have been reported in libXfont and TightVNC, allowing for the execution of arbitrary code with root privileges.

Background

LibXfont is the X.Org font library. TightVNC is a VNC client/server for X displays.

Affected packages

-------------------------------------------------------------------
 Package            /  Vulnerable  /                    Unaffected
-------------------------------------------------------------------

1 net-misc/tightvnc < 1.2.9-r4 >= 1.2.9-r4 2 x11-libs/libXfont < 1.2.7-r1 >= 1.2.7-r1 ------------------------------------------------------------------- 2 affected packages on all of their supported architectures. -------------------------------------------------------------------

Description

The libXfont code is prone to several integer overflows, in functions ProcXCMiscGetXIDList(), bdfReadCharacters() and FontFileInitTable(). TightVNC contains a local copy of this code and is also affected.

Impact

A local attacker could use a specially crafted BDF Font to gain root privileges on the vulnerable host.

Resolution

All libXfont users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-libs/libXfont-1.2.7-r1"

All TightVNC users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/tightvnc-1.2.9-r4"

References

[ 1 ] CVE-2007-1003 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1003 [ 2 ] CVE-2007-1351 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351 [ 3 ] CVE-2007-1352 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1352

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200705-10.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5 . =========================================================== Ubuntu Security Notice USN-448-1 April 03, 2007 freetype, libxfont, xorg, xorg-server vulnerabilities CVE-2007-1003, CVE-2007-1351, CVE-2007-1352 ===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.10 Ubuntu 6.06 LTS Ubuntu 6.10

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 5.10: libfreetype6 2.1.7-2.4ubuntu1.3 libxfont1 1:0.99.0+cvs.20050909-1.3 xserver-xorg-core 6.8.2-77.3

Ubuntu 6.06 LTS: libfreetype6 2.1.10-1ubuntu2.3 libxfont1 1:1.0.0-0ubuntu3.3 xserver-xorg-core 1:1.0.2-0ubuntu10.6

Ubuntu 6.10: libfreetype6 2.2.1-5ubuntu0.1 libxfont1 1:1.2.0-0ubuntu3.1 xserver-xorg-core 1:1.1.1-0ubuntu12.2

After a standard system upgrade you need to reboot your computer to effect the necessary changes.

Details follow:

Sean Larsson of iDefense Labs discovered that the MISC-XC extension of Xorg did not correctly verify the size of allocated memory. (CVE-2007-1003)

Greg MacManus of iDefense Labs discovered that the BDF font handling code in Xorg and FreeType did not correctly verify the size of allocated memory. (CVE-2007-1351, CVE-2007-1352)

Updated packages for Ubuntu 5.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7-2.4ubuntu1.3.diff.gz
  Size/MD5:    57463 b8f6fa3ee48672ceca86bf9625536545
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7-2.4ubuntu1.3.dsc
  Size/MD5:      695 b4b76f4eb02a68844666cecef2655e87
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7.orig.tar.gz
  Size/MD5:  1245623 991ff86e88b075ba363e876f4ea58680
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_0.99.0+cvs.20050909-1.3.diff.gz
  Size/MD5:     7087 fa6f3d6472398c4afe51232508d5bd25
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_0.99.0+cvs.20050909-1.3.dsc
  Size/MD5:      771 220ed305b077585687ccec6564955b03
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_0.99.0+cvs.20050909.orig.tar.gz
  Size/MD5:   788911 32b390bd94e4250475702e668b2bf243
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xorg_6.8.2-77.3.diff.gz
  Size/MD5:  2491611 eaa8cba7cdd69c746d88c0c28fe51c5c
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xorg_6.8.2-77.3.dsc
  Size/MD5:     3728 9ae8a29c6619763c73ac3c7554615886
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xorg_6.8.2.orig.tar.gz
  Size/MD5: 49471925 34cba217afe2c547e3a72657a3a27e37

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xbase-clients_6.8.2-77.3_all.deb
  Size/MD5:    65788 12bad26276ea4cb67cd2ef6959e8dc59
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-data_6.8.2-77.3_all.deb
  Size/MD5:    72432 2c968bd2d7fcc1f5f7ebbc07193f58a5
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-dev_6.8.2-77.3_all.deb
  Size/MD5:    65560 073f34a0d879c566823c70a701e40aeb
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs_6.8.2-77.3_all.deb
  Size/MD5:    92072 af61cbb4688ff1affeed10a82a8660dc
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xorg-common_6.8.2-77.3_all.deb
  Size/MD5:   715620 e4f2e86619a5f21ed660eca3f03897e3
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xutils_6.8.2-77.3_all.deb
  Size/MD5:    65536 e1edff49971cdb0872f71941f37950b3

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.3_amd64.deb
  Size/MD5:    75540 9be3f1b17f6ca112f2907b69d1e87ffa
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.3_amd64.deb
  Size/MD5:   722918 748a13b1cfbdf910d89f435a822d0546
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.3_amd64.udeb
  Size/MD5:   241784 bc3519b183a983495121373cd78c9456
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.3_amd64.deb
  Size/MD5:   392948 d6f2e48fe489ca394fad153c07400d14
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_0.99.0+cvs.20050909-1.3_amd64.deb
  Size/MD5:   297970 157c10e1e0db8aced07b462777318da5
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_0.99.0+cvs.20050909-1.3_amd64.deb
  Size/MD5:   377708 bfc5fba5bc6305a66dc0836712e7a91b
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_0.99.0+cvs.20050909-1.3_amd64.deb
  Size/MD5:   243588 f275099ce971aa990f3d28e0d7aea5f3
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-core_6.8.2-77.3_amd64.deb
  Size/MD5:    65746 e85a37b8b5ca3e0150961324914dd38a
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-dev_6.8.2-77.3_amd64.deb
  Size/MD5:    65774 dd5d197fe97c558ec418dde967a914a1
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdmx_6.8.2-77.3_amd64.deb
  Size/MD5:  1029630 40e93609ec560b44558b86cc717d2991
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-dev_6.8.2-77.3_amd64.deb
  Size/MD5:   117402 35860dfb00719c6fffddb2b4a5747abd
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-pic_6.8.2-77.3_amd64.deb
  Size/MD5:   113704 24f40fbf5593dd653e72f6c2797516c0
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xnest_6.8.2-77.3_amd64.deb
  Size/MD5:  1526642 e357f9979668602743c2596992abee80
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-common_6.8.2-77.3_amd64.deb
  Size/MD5:   123324 d10670b3b2a2ae50b816062e004d1b7f
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-core_6.8.2-77.3_amd64.deb
  Size/MD5:  3993068 d361ba44f7464198b2d990dd2f939ff3
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-dbg_6.8.2-77.3_amd64.deb
  Size/MD5:  4773852 f644788b79b0d0a6deb0bb3e27743416
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-apm_6.8.2-77.3_amd64.deb
  Size/MD5:   126370 521f72819330e496e89a253021cf5215
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ark_6.8.2-77.3_amd64.deb
  Size/MD5:    73882 3ebb4a5f56625e7b78d9e536072bc763
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ati_6.8.2-77.3_amd64.deb
  Size/MD5:   324240 e01da75bc223cdd1b8699b19291334d6
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-chips_6.8.2-77.3_amd64.deb
  Size/MD5:   152244 43f0e543b835068278f56c60690769bf
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cirrus_6.8.2-77.3_amd64.deb
  Size/MD5:   101702 9ebbefa73e1c3194b6c04269fdb292d8
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cyrix_6.8.2-77.3_amd64.deb
  Size/MD5:    81032 5d524764bb1c2bd8b918ed563b68886e
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-dummy_6.8.2-77.3_amd64.deb
  Size/MD5:    70664 2db770e3cc6802174762f55c99ffd1b4
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-fbdev_6.8.2-77.3_amd64.deb
  Size/MD5:    74290 49d5ffa068a163464a569a4c8cd662f1
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glint_6.8.2-77.3_amd64.deb
  Size/MD5:   160244 e59c1b781ec041ac3df2486743ba07cc
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i128_6.8.2-77.3_amd64.deb
  Size/MD5:    89792 4b5528d20347eb721df443aa14be6084
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i810_6.8.2-77.3_amd64.deb
  Size/MD5:   168474 a98c9ebf3b71b96066ee96c461e51de1
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-mga_6.8.2-77.3_amd64.deb
  Size/MD5:   154206 f146cd927b79c7f43fc4afe904fd7028
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-neomagic_6.8.2-77.3_amd64.deb
  Size/MD5:    99620 45382b9464fc7c21021ca81f7601977a
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nv_6.8.2-77.3_amd64.deb
  Size/MD5:   131230 d73416650296039e0d59d2a2b75f2d8e
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-rendition_6.8.2-77.3_amd64.deb
  Size/MD5:    90240 5af0c68193b4349fbcd239ec482ed2ab
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3_6.8.2-77.3_amd64.deb
  Size/MD5:    91726 cb82c871f03ffb6e968bea210a6af75d
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3virge_6.8.2-77.3_amd64.deb
  Size/MD5:   104188 eb7e8e83da3cf9b4e7c65ed24b92a2e0
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-savage_6.8.2-77.3_amd64.deb
  Size/MD5:   107776 31c8cc09a6a9241c91d2c03975287842
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-siliconmotion_6.8.2-77.3_amd64.deb
  Size/MD5:   105300 e06379b5530410c398c23d24e4a2682d
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sis_6.8.2-77.3_amd64.deb
  Size/MD5:   340896 0114deb2e7cea78860e08ada6fc9d3d9
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tdfx_6.8.2-77.3_amd64.deb
  Size/MD5:    99038 bd5c774e186120d851799de0d060ef3f
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tga_6.8.2-77.3_amd64.deb
  Size/MD5:    88846 e611135fac9da5e514defd35fadd8025
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-trident_6.8.2-77.3_amd64.deb
  Size/MD5:   132244 aab798cb57d644b327fe6a7bb5c51637
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tseng_6.8.2-77.3_amd64.deb
  Size/MD5:    96404 3ee874ea69eefd45491d6ca56830f307
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-v4l_6.8.2-77.3_amd64.deb
  Size/MD5:    73392 6d5439acff5d2098ca6741cfb8ef6a00
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vesa_6.8.2-77.3_amd64.deb
  Size/MD5:    77434 6e8e03907c375a01588e05d5e1b18b23
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vga_6.8.2-77.3_amd64.deb
  Size/MD5:    75352 b12939451111e63dd0917362e42ec4cf
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-acecad_6.8.2-77.3_amd64.deb
  Size/MD5:    70676 730768c822fa4c806bab0459866971aa
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-aiptek_6.8.2-77.3_amd64.deb
  Size/MD5:    80550 184a471135082d501936061092fb607f
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-calcomp_6.8.2-77.3_amd64.deb
  Size/MD5:    70248 656d22076f2b45ded25f4d2f08d8801a
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-citron_6.8.2-77.3_amd64.deb
  Size/MD5:    90044 676d14ebebf88b4e12114b08b169003c
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-digitaledge_6.8.2-77.3_amd64.deb
  Size/MD5:    71032 fd5b286d4122018630fe6afec181edb6
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dmc_6.8.2-77.3_amd64.deb
  Size/MD5:    70166 f1c622c52ee792548953adce5f372a2d
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dynapro_6.8.2-77.3_amd64.deb
  Size/MD5:    69772 099498b9bb81379b15f5c24741a2befc
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-elographics_6.8.2-77.3_amd64.deb
  Size/MD5:    73234 3410e093a87090fcf4ca0134c7f00ab3
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-fpit_6.8.2-77.3_amd64.deb
  Size/MD5:    70778 b37384a5c58b046fef89f487ff49f5a0
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-hyperpen_6.8.2-77.3_amd64.deb
  Size/MD5:    72940 b873ef7a14637241aacfbce9951b60da
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-kbd_6.8.2-77.3_amd64.deb
  Size/MD5:    74632 79a5026db158fb123ff54af1e35d501d
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-magellan_6.8.2-77.3_amd64.deb
  Size/MD5:    69366 8f0c8b39e5f88d657a8c038aae1305eb
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-microtouch_6.8.2-77.3_amd64.deb
  Size/MD5:    72022 0dd20d44c7f77c47c3dd3f7a3353b894
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mouse_6.8.2-77.3_amd64.deb
  Size/MD5:    98390 2c172d033b5252846ceeee40990d0a16
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mutouch_6.8.2-77.3_amd64.deb
  Size/MD5:    73580 3d3b88bf32deff96a074b58a30a0cbee
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-palmax_6.8.2-77.3_amd64.deb
  Size/MD5:    71608 db4f436ea8ad1ecf12698014afca127f
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-penmount_6.8.2-77.3_amd64.deb
  Size/MD5:    70346 ca124fdfda754fcd9a91adb46d62a84e
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-spaceorb_6.8.2-77.3_amd64.deb
  Size/MD5:    69124 ac4fa56df52b175d81769cc20caf3777
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-summa_6.8.2-77.3_amd64.deb
  Size/MD5:    72888 c1279a890e388b9cdb7e8e79c6e6cafb
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-tek4957_6.8.2-77.3_amd64.deb
  Size/MD5:    70860 c17d207b3d04bd35ad5afa7ba56597e7
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-void_6.8.2-77.3_amd64.deb
  Size/MD5:    67680 77d2e92de46a38a197f62355e45a84ee
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-wacom_6.8.2-77.3_amd64.deb
  Size/MD5:   101040 b66ac048fc5858c86e9dc079c79f8b38
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg_6.8.2-77.3_amd64.deb
  Size/MD5:   274146 40e3014ce80f6be8852fa043105bab70
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xvfb_6.8.2-77.3_amd64.deb
  Size/MD5:  1640494 bf0c8235665a11c099cd227ad2b3a60b

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.3_i386.deb
  Size/MD5:    52860 8f9822785a4d4feeb120b7ef6d874709
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.3_i386.deb
  Size/MD5:   686404 46b3001cdee7cd73141461033f8f4482
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.3_i386.udeb
  Size/MD5:   209260 17f5df161bde9954b46051ef2e989159
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.3_i386.deb
  Size/MD5:   361112 e8d31f9d89c442a5834144b374b49a54
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_0.99.0+cvs.20050909-1.3_i386.deb
  Size/MD5:   275968 4d5e4d8c032a149c09033a3f4d078faa
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_0.99.0+cvs.20050909-1.3_i386.deb
  Size/MD5:   321688 f7e708a09b31924830357d10ad2fec40
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_0.99.0+cvs.20050909-1.3_i386.deb
  Size/MD5:   217758 a18b74fa709fa38ba055e8e4b820a09c
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-core_6.8.2-77.3_i386.deb
  Size/MD5:    65750 86dfe78dfa09f1d7a52d646fb10401cf
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-dev_6.8.2-77.3_i386.deb
  Size/MD5:    65778 5dbe48fb74851b2c6e85cd143560884a
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdmx_6.8.2-77.3_i386.deb
  Size/MD5:   880068 69e876557cbb97c0b51a2574f2ab4a2a
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-dev_6.8.2-77.3_i386.deb
  Size/MD5:   111442 5fb72b1e75b0a6e8a528940045233288
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-pic_6.8.2-77.3_i386.deb
  Size/MD5:   107366 88bf57b6009f6e5e1b74543933d90952
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xnest_6.8.2-77.3_i386.deb
  Size/MD5:  1282444 a1616fca7bbd45734eeac5dbadd4ddca
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-common_6.8.2-77.3_i386.deb
  Size/MD5:   122984 46402235fcb4c943f421d0081767c228
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-core_6.8.2-77.3_i386.deb
  Size/MD5:  3393114 cf2287d566a90325bdf5d37d0d772c9f
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-dbg_6.8.2-77.3_i386.deb
  Size/MD5: 21046384 e74d9ad7ebea1118a0991b54de50b21b
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-apm_6.8.2-77.3_i386.deb
  Size/MD5:   122974 a2d63f1a30e2e8778d3737d334224e44
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ark_6.8.2-77.3_i386.deb
  Size/MD5:    72406 c79fce80a122bcb69cb8aa2840027183
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ati_6.8.2-77.3_i386.deb
  Size/MD5:   300354 be69393fd4c49073fc291d4382682af6
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-chips_6.8.2-77.3_i386.deb
  Size/MD5:   147054 13477206d327d76ed6cc6760081b6a0d
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cirrus_6.8.2-77.3_i386.deb
  Size/MD5:    94812 6dbbfc2081ce19bd705e65a76c370b18
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cyrix_6.8.2-77.3_i386.deb
  Size/MD5:    79216 96e108be36d7e96d1d7c61c55d2eada5
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-dummy_6.8.2-77.3_i386.deb
  Size/MD5:    69808 919b659eacec53b4612e0fac956adca7
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-fbdev_6.8.2-77.3_i386.deb
  Size/MD5:    73250 78bb84280077b3aba53beded9161a244
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glide_6.8.2-77.3_i386.deb
  Size/MD5:    74914 040afc6608d22fee2eae20ba8b0e840b
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glint_6.8.2-77.3_i386.deb
  Size/MD5:   159892 2780f991c85e2be15dda1635f8c98b11
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i128_6.8.2-77.3_i386.deb
  Size/MD5:    87476 f4505c09091c8d4e49b3bbb345340e2e
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i740_6.8.2-77.3_i386.deb
  Size/MD5:    86544 d08ed7ba7921a6341be43b1b597c7c01
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i810_6.8.2-77.3_i386.deb
  Size/MD5:   158570 b6a1db2cde816a16be29d2aeb627ebee
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-imstt_6.8.2-77.3_i386.deb
  Size/MD5:    73262 07d1fa25882621bad5be61b318fd3a66
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-mga_6.8.2-77.3_i386.deb
  Size/MD5:   143748 8868549c96ba8150954a69cbf3730801
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-neomagic_6.8.2-77.3_i386.deb
  Size/MD5:    95818 b3b86c3fdce299e35aba1f8189fe5005
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-newport_6.8.2-77.3_i386.deb
  Size/MD5:    74236 e55cf778b3b0f1d43604722bdd8689b2
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nsc_6.8.2-77.3_i386.deb
  Size/MD5:   160514 2ececee8091f44f6dd61de03d9ddf77e
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nv_6.8.2-77.3_i386.deb
  Size/MD5:   123050 8e43b21c9dce1af5e5b88f24b8239952
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-rendition_6.8.2-77.3_i386.deb
  Size/MD5:    87578 52ec26ae5b375ef892d6a86f180577db
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3_6.8.2-77.3_i386.deb
  Size/MD5:    88736 1538d94d86c0603bde8c1f8504121c8f
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3virge_6.8.2-77.3_i386.deb
  Size/MD5:   100086 c31e59302ae59a2b4eeb015050922b41
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-savage_6.8.2-77.3_i386.deb
  Size/MD5:   102452 f1eec9b8382457b89406d69b526ad11e
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-siliconmotion_6.8.2-77.3_i386.deb
  Size/MD5:   102018 fe04cd8d4a6e461491add407142d3ff8
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sis_6.8.2-77.3_i386.deb
  Size/MD5:   320680 c7a5363feaea7213a73835fb53a023dd
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tdfx_6.8.2-77.3_i386.deb
  Size/MD5:    94190 4b8e7c65cc416de4a6d4691250776493
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tga_6.8.2-77.3_i386.deb
  Size/MD5:    86104 94013a70b7734e0f4205e723093f71a0
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-trident_6.8.2-77.3_i386.deb
  Size/MD5:   125852 2352b91c3e6f9de7f5e5d63efdb22c82
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tseng_6.8.2-77.3_i386.deb
  Size/MD5:    93760 809003f68c722bd4cfae1a197fc5f652
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-v4l_6.8.2-77.3_i386.deb
  Size/MD5:    72098 5651248f206d8b9987370ebbd24531ab
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vesa_6.8.2-77.3_i386.deb
  Size/MD5:    75834 e41fa0b5de64e33a4c38c15f947cbb37
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vga_6.8.2-77.3_i386.deb
  Size/MD5:    74320 9f80f3d04c9ffd9f5a505847a7fbbc4e
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-via_6.8.2-77.3_i386.deb
  Size/MD5:   138682 7e1c4877500e1dca3a735dd2f33d3193
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vmware_6.8.2-77.3_i386.deb
  Size/MD5:    81378 ea3a2925ac33d30af17a184c1160ab34
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-acecad_6.8.2-77.3_i386.deb
  Size/MD5:    70188 dbba5b087d2dd682d7df359c6ecf7aaa
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-aiptek_6.8.2-77.3_i386.deb
  Size/MD5:    79394 52f292de69593f4126072df958002b5d
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-calcomp_6.8.2-77.3_i386.deb
  Size/MD5:    69716 edd13af3e98d5f70248479424f7597c2
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-citron_6.8.2-77.3_i386.deb
  Size/MD5:    87794 c6c08212db44d8cf26e0884a04c2d9b9
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-digitaledge_6.8.2-77.3_i386.deb
  Size/MD5:    70516 a91e7e0beab053a8ff753050c2f15b35
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dmc_6.8.2-77.3_i386.deb
  Size/MD5:    69564 618499e29d79c7bc8f11ffa925c09b75
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dynapro_6.8.2-77.3_i386.deb
  Size/MD5:    69266 f457352b4675b27b7d40337cbe0a2695
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-elographics_6.8.2-77.3_i386.deb
  Size/MD5:    71954 153e6af112f360033a37aeb4670c14cc
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-fpit_6.8.2-77.3_i386.deb
  Size/MD5:    70338 c01097e2eb0a2a3abc95a3dfa0247327
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-hyperpen_6.8.2-77.3_i386.deb
  Size/MD5:    71888 2f84d4568562561ef3498c9791ccab7f
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-kbd_6.8.2-77.3_i386.deb
  Size/MD5:    73402 7e0ab015ba49f103afb96c7211ce5755
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-magellan_6.8.2-77.3_i386.deb
  Size/MD5:    68822 4f17e665de66a9940ff3c6722fb08198
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-microtouch_6.8.2-77.3_i386.deb
  Size/MD5:    71282 ac55322bb00e6c33b1f764e47a2896e2
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mouse_6.8.2-77.3_i386.deb
  Size/MD5:    96556 c3fce835be42eb0c31d03056fac32376
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mutouch_6.8.2-77.3_i386.deb
  Size/MD5:    72546 05232e76ad9b9dc93d3db86c423d1b7c
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-palmax_6.8.2-77.3_i386.deb
  Size/MD5:    71022 4fd42ec380a437249a026bedc2e44cfe
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-penmount_6.8.2-77.3_i386.deb
  Size/MD5:    69748 7f95915c766d8f5486b6ee4af5f824ca
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-spaceorb_6.8.2-77.3_i386.deb
  Size/MD5:    68636 6e64a58144fd2364f5a27cacadc668a4
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-summa_6.8.2-77.3_i386.deb
  Size/MD5:    71956 f9a757c36bec95a75413995401d7fec8
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-tek4957_6.8.2-77.3_i386.deb
  Size/MD5:    70302 2ec147acfc14c068896185d2dd01887a
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-void_6.8.2-77.3_i386.deb
  Size/MD5:    67446 ca456ab89714cb807ab26dfa676578b2
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-wacom_6.8.2-77.3_i386.deb
  Size/MD5:    96986 2799f489d096d23cc91037d7705f7abd
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg_6.8.2-77.3_i386.deb
  Size/MD5:   274176 ea1d2fc5b60b7754d47ada4cbbe7a612
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xvfb_6.8.2-77.3_i386.deb
  Size/MD5:  1383664 7fca88ca86e1d9545c0a5a7ed877f2cf

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.3_powerpc.deb
  Size/MD5:    80654 12c06589e94a6d6da139a27d5bd48b4c
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.3_powerpc.deb
  Size/MD5:   729308 9c85d5592d0f162884bc52bc82e09457
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.3_powerpc.udeb
  Size/MD5:   230642 65a12121f60f8096bea04955e30ae42a
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.3_powerpc.deb
  Size/MD5:   382478 7b1ac5f12fdba3482ad3251c3c24bef3
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_0.99.0+cvs.20050909-1.3_powerpc.deb
  Size/MD5:   286022 d37d7708a0341cd63c1390fb0ff387a9
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_0.99.0+cvs.20050909-1.3_powerpc.deb
  Size/MD5:   373114 ed63b7e61d8a65f90cd8c3599d0c96a6
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_0.99.0+cvs.20050909-1.3_powerpc.deb
  Size/MD5:   237726 289174b8732579cc6b38f50f6398525e
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-core_6.8.2-77.3_powerpc.deb
  Size/MD5:    65746 c5de437f4027dec1acb8640bf14c4ccf
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-dev_6.8.2-77.3_powerpc.deb
  Size/MD5:    65774 9d5e6b227f9799035e83f10ffa1f4cbe
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdmx_6.8.2-77.3_powerpc.deb
  Size/MD5:  1006498 218159bdb9b8b250ef184881db5364e6
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-dev_6.8.2-77.3_powerpc.deb
  Size/MD5:   114636 384d4379cf21cc360da3f74252dc6e48
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-pic_6.8.2-77.3_powerpc.deb
  Size/MD5:   110580 054183b9a9c8a86fefac3017592eeb3f
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xnest_6.8.2-77.3_powerpc.deb
  Size/MD5:  1477044 d49494dfeb3fbb06cc60ac2397b104b4
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-common_6.8.2-77.3_powerpc.deb
  Size/MD5:   123370 5084044b08a994ade1e05ca769fbfeab
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-core_6.8.2-77.3_powerpc.deb
  Size/MD5:  4153716 d136a45467ed83aa7c9be079d38bbea1
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-dbg_6.8.2-77.3_powerpc.deb
  Size/MD5: 17841844 cc6a10b4f49e0a3dc197f4b4a25be310
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ati_6.8.2-77.3_powerpc.deb
  Size/MD5:   316180 8da85e525823bd09bc3648d5f642baad
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-chips_6.8.2-77.3_powerpc.deb
  Size/MD5:   158800 f6957aec1dfb811624d4223b3b8792c3
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-fbdev_6.8.2-77.3_powerpc.deb
  Size/MD5:    74910 886ebb1cc261a13774fb37442f67b04b
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glint_6.8.2-77.3_powerpc.deb
  Size/MD5:   177164 4df697145e0bc9e405269f370c098ad3
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-imstt_6.8.2-77.3_powerpc.deb
  Size/MD5:    74766 af48765f0b61b699ef013e7fb91d0563
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-mga_6.8.2-77.3_powerpc.deb
  Size/MD5:   154718 49e8c9067f4196f735100fdb88abf241
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nv_6.8.2-77.3_powerpc.deb
  Size/MD5:   133938 1f37af997b732cce638c2f442ac32c27
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3_6.8.2-77.3_powerpc.deb
  Size/MD5:    98722 fd531207bb51ee7557839113134c03de
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3virge_6.8.2-77.3_powerpc.deb
  Size/MD5:   107536 eb327385a5f0410f9a1180d7c6808903
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-savage_6.8.2-77.3_powerpc.deb
  Size/MD5:   110162 a70cd8531c61382bcc07b92a34202bed
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sis_6.8.2-77.3_powerpc.deb
  Size/MD5:   368234 fde514af99dfabf48ab685c95a95249b
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tdfx_6.8.2-77.3_powerpc.deb
  Size/MD5:   100614 d6dabc2023c08f6379f0fb98d3c076b3
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-trident_6.8.2-77.3_powerpc.deb
  Size/MD5:   142422 42f616549b5dac01f66403b64d5c5e5c
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-v4l_6.8.2-77.3_powerpc.deb
  Size/MD5:    74212 d6d45dde725417a9a4b014c65a41cb12
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vga_6.8.2-77.3_powerpc.deb
  Size/MD5:    76358 450f581f1d862d20f67f0054ea46cc66
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-acecad_6.8.2-77.3_powerpc.deb
  Size/MD5:    70846 9b2d0fa88f4fa0edacffdef2ee62901a
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-aiptek_6.8.2-77.3_powerpc.deb
  Size/MD5:    82626 b4af3fee8db47771e9325f634119c6b4
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-calcomp_6.8.2-77.3_powerpc.deb
  Size/MD5:    70766 2f945c77af13fed6788bdabc71c312ce
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-citron_6.8.2-77.3_powerpc.deb
  Size/MD5:    93244 e8dee7a2b70acb94d51c7cd1c1e97b9c
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-digitaledge_6.8.2-77.3_powerpc.deb
  Size/MD5:    71734 e73893cfe3b9d5b693569c2382905cf1
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dmc_6.8.2-77.3_powerpc.deb
  Size/MD5:    70374 7082960291a9bb88d003eeeb4285358b
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dynapro_6.8.2-77.3_powerpc.deb
  Size/MD5:    69938 d7113c27bbd386c14ff9a2b712c51342
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-elographics_6.8.2-77.3_powerpc.deb
  Size/MD5:    74028 4bd41187c68fa51fb0adced0ccaad0ac
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-fpit_6.8.2-77.3_powerpc.deb
  Size/MD5:    70956 a0f37dfd435cba240a1d3a35f27841aa
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-hyperpen_6.8.2-77.3_powerpc.deb
  Size/MD5:    74336 41cacbfcdc99b42b0264d82a7578a8ec
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-kbd_6.8.2-77.3_powerpc.deb
  Size/MD5:    74960 52611ed1fc10530d4ab44fd16577bce1
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-magellan_6.8.2-77.3_powerpc.deb
  Size/MD5:    69550 22c49ab9f187bdca55a0fbb83857ce25
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-microtouch_6.8.2-77.3_powerpc.deb
  Size/MD5:    72498 44c3195bdcf64c2c5cf8504f6089e619
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mouse_6.8.2-77.3_powerpc.deb
  Size/MD5:    99586 ac9781c897e4dc052af9c9c80a4853db
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mutouch_6.8.2-77.3_powerpc.deb
  Size/MD5:    74312 6d10ae854f4e4a3c5f137950e307db5f
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-palmax_6.8.2-77.3_powerpc.deb
  Size/MD5:    71850 80b3b7bd7b567be9d5dd896e8613ec16
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-penmount_6.8.2-77.3_powerpc.deb
  Size/MD5:    70548 37d1b7c034b9f792608d3e6dd2a867d1
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-spaceorb_6.8.2-77.3_powerpc.deb
  Size/MD5:    69216 7ee83181573ac45a56f2a4fb044a5e6f
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-summa_6.8.2-77.3_powerpc.deb
  Size/MD5:    74222 a0f33d1df407af5b5a6c51a5882a9e60
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-tek4957_6.8.2-77.3_powerpc.deb
  Size/MD5:    71126 9140e6af3e6ad35bd68a5f5968399b0b
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-void_6.8.2-77.3_powerpc.deb
  Size/MD5:    67622 d3f49e28e34a285865f8870b3eeb8aae
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-wacom_6.8.2-77.3_powerpc.deb
  Size/MD5:   106738 88fbfbd6e6ad9f5336552ec2e50ec9a1
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg_6.8.2-77.3_powerpc.deb
  Size/MD5:   274024 93076262a05833b4807e98699103d946
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xvfb_6.8.2-77.3_powerpc.deb
  Size/MD5:  1590104 e71d49333a98a285fe438d08e48ca2e9

sparc architecture (Sun SPARC/UltraSPARC)

http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.3_sparc.deb
  Size/MD5:    68646 bd18602999ade0786089cf0c117a8340
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.3_sparc.deb
  Size/MD5:   699952 0697ae616e5f96afe661a7a121eaf8ee
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.3_sparc.udeb
  Size/MD5:   216454 7d29da7d817ac7ff1c6d7914630493ad
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.3_sparc.deb
  Size/MD5:   367276 9024cd052d0210a8bacdaff20589b06c
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_0.99.0+cvs.20050909-1.3_sparc.deb
  Size/MD5:   294964 b666356962ef9506da0b76efd05c9908
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_0.99.0+cvs.20050909-1.3_sparc.deb
  Size/MD5:   324238 7dfef6defc80be665990fcbdd0e08e2e
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_0.99.0+cvs.20050909-1.3_sparc.deb
  Size/MD5:   232476 dd914e38e4765a07e0980dd6ad5907b8
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-core_6.8.2-77.3_sparc.deb
  Size/MD5:    65744 69da99ffdd8daf0a439b098b2e284b32
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-dev_6.8.2-77.3_sparc.deb
  Size/MD5:    65772 de0733e94929d4379e05d3c88a13a285
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdmx_6.8.2-77.3_sparc.deb
  Size/MD5:   920880 2d70ca5f3de16d1192b1c05d99e21d93
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-dev_6.8.2-77.3_sparc.deb
  Size/MD5:   112780 bf763538fea32c5f73f85ab86438014b
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-pic_6.8.2-77.3_sparc.deb
  Size/MD5:   108622 99531cb07cdffc17daf11727bc7e11bf
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xnest_6.8.2-77.3_sparc.deb
  Size/MD5:  1357838 e4491783b6a9e3d45d19a1ffa086bc81
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-common_6.8.2-77.3_sparc.deb
  Size/MD5:   123326 32c21b631ab344dd58d27bf7a62c605b
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-core_6.8.2-77.3_sparc.deb
  Size/MD5:  3746340 8e6087848c828cfc5d72cde99b21242b
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-dbg_6.8.2-77.3_sparc.deb
  Size/MD5: 19778476 767707fd2df5e224381a33fa872cf19a
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-apm_6.8.2-77.3_sparc.deb
  Size/MD5:   124424 081cfba509d6784ba22518521c18aa79
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ark_6.8.2-77.3_sparc.deb
  Size/MD5:    73344 ca0e2f22257a9911dbbe7c9c0f479d57
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ati_6.8.2-77.3_sparc.deb
  Size/MD5:   302440 861d677e1de334391174481377f437cf
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-chips_6.8.2-77.3_sparc.deb
  Size/MD5:   152068 643d54a96746678c36f17c3ffd3ab91c
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cirrus_6.8.2-77.3_sparc.deb
  Size/MD5:    99108 b1a219d38a08ec0a3ca4cecba79a2784
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-dummy_6.8.2-77.3_sparc.deb
  Size/MD5:    70306 2b541fd5e4f10f05266800b2f977f120
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-fbdev_6.8.2-77.3_sparc.deb
  Size/MD5:    74052 448582ffd40305e797cf2815c6f9c1a0
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glint_6.8.2-77.3_sparc.deb
  Size/MD5:   174824 44a2ace41f17b1f0da1c3ff7199de0f0
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i128_6.8.2-77.3_sparc.deb
  Size/MD5:    90378 e8c95b12f1882e1f9294cb9821dff299
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i740_6.8.2-77.3_sparc.deb
  Size/MD5:    88784 7069730f8ea7530b607c0ecdedabe693
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-imstt_6.8.2-77.3_sparc.deb
  Size/MD5:    74196 a67897463a21167d281a29fab9414ecf
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-mga_6.8.2-77.3_sparc.deb
  Size/MD5:   151636 442a736cb4530a699e4ea844e01763a0
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-neomagic_6.8.2-77.3_sparc.deb
  Size/MD5:    98780 9b374f040468ddfa4c8559c63e4598e1
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-newport_6.8.2-77.3_sparc.deb
  Size/MD5:    75054 e41f20599375cef562d50cfd5ea91f22
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nv_6.8.2-77.3_sparc.deb
  Size/MD5:   130164 7d81597fa246853896dee123c93a3443
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-rendition_6.8.2-77.3_sparc.deb
  Size/MD5:    89382 0c4f8f40654fdd09e520145ca2e886bd
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3virge_6.8.2-77.3_sparc.deb
  Size/MD5:   105294 1f6862c1c719219da1b965623774def5
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-savage_6.8.2-77.3_sparc.deb
  Size/MD5:   107562 634a4e99cee1f7ed5a96fa6d1e5053aa
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-siliconmotion_6.8.2-77.3_sparc.deb
  Size/MD5:   106838 ca4bcbbcbb250fc4374477ef17dd5dbd
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sunbw2_6.8.2-77.3_sparc.deb
  Size/MD5:    68678 95aa8f3f675f84b9b445fd5a85c75952
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-suncg14_6.8.2-77.3_sparc.deb
  Size/MD5:    69252 2d87f35b35295d29bdd76a8172351ac2
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-suncg3_6.8.2-77.3_sparc.deb
  Size/MD5:    68734 8809dd6543372feddd2a5886f6976776
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-suncg6_6.8.2-77.3_sparc.deb
  Size/MD5:    69728 1b59fdb3a45e0a569445b34d064d0633
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sunffb_6.8.2-77.3_sparc.deb
  Size/MD5:   127670 0b38955174a4ed44bd4578c87da66684
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sunleo_6.8.2-77.3_sparc.deb
  Size/MD5:    81660 117464ff17f748d0c95aa59f89abf250
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-suntcx_6.8.2-77.3_sparc.deb
  Size/MD5:    70446 e69222c475300674077226d927e4a156
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tdfx_6.8.2-77.3_sparc.deb
  Size/MD5:    99410 33d1cafe6bf0edca99ba9392966d6ab7
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tga_6.8.2-77.3_sparc.deb
  Size/MD5:    87728 726ce3e0143dafcd495e3de4a40cf8c0
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-trident_6.8.2-77.3_sparc.deb
  Size/MD5:   131950 e98574be1b719debd2c4542b199cdfcc
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-v4l_6.8.2-77.3_sparc.deb
  Size/MD5:    73412 b1d2672fcf4c22e883e9b93ddfe70e1a
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vesa_6.8.2-77.3_sparc.deb
  Size/MD5:    76710 1254832b3fa89d4cf901bce0bb79c6ba
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vga_6.8.2-77.3_sparc.deb
  Size/MD5:    75206 36b39c918f6061dd11711972d2025110
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vmware_6.8.2-77.3_sparc.deb
  Size/MD5:    82618 c65b2958ebcc66702c6db1a24aee3813
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-acecad_6.8.2-77.3_sparc.deb
  Size/MD5:    70412 26c69d8e78229e07af1aa8176594728d
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-aiptek_6.8.2-77.3_sparc.deb
  Size/MD5:    80920 710cf56fd1e938d25cd1b0ad6a524a08
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-calcomp_6.8.2-77.3_sparc.deb
  Size/MD5:    70316 83f3d61a2bed0574b25b2b0afb808ff6
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-citron_6.8.2-77.3_sparc.deb
  Size/MD5:    91828 01867c3013e5a645d22cd97dc2068e1c
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-digitaledge_6.8.2-77.3_sparc.deb
  Size/MD5:    71154 447987785afddd40f58871ed82d1d8c7
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dmc_6.8.2-77.3_sparc.deb
  Size/MD5:    69880 df7253bb410088887e963b4ec185a761
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dynapro_6.8.2-77.3_sparc.deb
  Size/MD5:    69582 772f0ae3564c523c6f010b9e54b9dbe6
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-elographics_6.8.2-77.3_sparc.deb
  Size/MD5:    73168 0a6bc07c0a89ed382852a9f22212882f
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-fpit_6.8.2-77.3_sparc.deb
  Size/MD5:    70622 a647189fd612aad8b9d57ee1d8d29da4
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-hyperpen_6.8.2-77.3_sparc.deb
  Size/MD5:    73350 e5ca5c4d5c85b8b58a2d966c9cc122a5
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-kbd_6.8.2-77.3_sparc.deb
  Size/MD5:    74194 2d9b7ab568db94f2fdfbf9208c51f269
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-magellan_6.8.2-77.3_sparc.deb
  Size/MD5:    69170 bd51f60f99bea164a1655bf99d81080d
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-microtouch_6.8.2-77.3_sparc.deb
  Size/MD5:    71910 f439b8d1778d01df70f869e04d0f916a
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mouse_6.8.2-77.3_sparc.deb
  Size/MD5:    97820 daa144c86465f941bad248f7f2011095
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mutouch_6.8.2-77.3_sparc.deb
  Size/MD5:    73544 67eead253f6f73a4c95cff9ee3fe5e45
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-palmax_6.8.2-77.3_sparc.deb
  Size/MD5:    71470 462bf1db6bf06a3541c048e978f619e1
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-penmount_6.8.2-77.3_sparc.deb
  Size/MD5:    70044 56d63787661918acfa11b4c2edf1b363
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-spaceorb_6.8.2-77.3_sparc.deb
  Size/MD5:    68896 407a96555ef0aca1c0f862756985bcc4
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-summa_6.8.2-77.3_sparc.deb
  Size/MD5:    73208 c124d986e5ede6f22d2e6e4468ef44da
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-tek4957_6.8.2-77.3_sparc.deb
  Size/MD5:    70788 139b257d986d1d81abc5df96ff6c07ac
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-void_6.8.2-77.3_sparc.deb
  Size/MD5:    67526 da4b3fa6d2ea2cd03ff074fae1f99e11
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-wacom_6.8.2-77.3_sparc.deb
  Size/MD5:   102200 d20486be0bd003c871362662945890ce
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg_6.8.2-77.3_sparc.deb
  Size/MD5:   274186 2936a9182f8fe998082ea1b094cb4d84
http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xvfb_6.8.2-77.3_sparc.deb
  Size/MD5:  1463574 ed56597df856cf23c99ea94b0df46132

Updated packages for Ubuntu 6.06 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10-1ubuntu2.3.diff.gz
  Size/MD5:    59540 862bd1b35276a1f6295ab86afbb0c585
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10-1ubuntu2.3.dsc
  Size/MD5:      710 e45aa32ea5d21cea1443eef299963ab6
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10.orig.tar.gz
  Size/MD5:  1323617 adf145ce51196ad1b3054d5fb032efe6
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.0.0-0ubuntu3.3.diff.gz
  Size/MD5:     7292 53e0bf4639f85be2596ea73128f9786f
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.0.0-0ubuntu3.3.dsc
  Size/MD5:      743 fb5f2db984b7aa11cc61b95c08908f4e
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.0.0.orig.tar.gz
  Size/MD5:   816966 29c00c678d4ac9bea8ffe7ba264825d0
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.0.2-0ubuntu10.6.diff.gz
  Size/MD5:    31362 fb578e86128d4cefd37470d2b1b7a800
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.0.2-0ubuntu10.6.dsc
  Size/MD5:     1804 b8fa2ff2adefb6457a217c145f0a99ee
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.0.2.orig.tar.gz
  Size/MD5:  7966941 f44f0f07136791ed7a4028bd0dd5eae3

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.3_amd64.deb
  Size/MD5:   133862 9849bf94a3c83769fee1c8c40cc5a195
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.3_amd64.deb
  Size/MD5:   717494 0b0587f17aa8338d68f00f4f6de40cf8
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.3_amd64.udeb
  Size/MD5:   251748 ea23cce32b15ed7b944ceea15a7c28c4
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.3_amd64.deb
  Size/MD5:   439876 f4511db24d690e234e2c6157f6f0d86d
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.0.0-0ubuntu3.3_amd64.deb
  Size/MD5:   302752 cdb9b9f31fc890e1f81b6b84e62e6743
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.0.0-0ubuntu3.3_amd64.deb
  Size/MD5:   375884 261b8c8db1350e1729a58bf14455f0d2
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.0.0-0ubuntu3.3_amd64.deb
  Size/MD5:   242806 0d259ee4f74d911e61e8d6c1c3fd45a9
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.0.2-0ubuntu10.6_amd64.deb
  Size/MD5:    49900 6cd998c1385119c61c656454fcafdc57
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.0.2-0ubuntu10.6_amd64.deb
  Size/MD5:   848976 1de01ffe87bc9aad344ceebf57136501
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.0.2-0ubuntu10.6_amd64.deb
  Size/MD5:  1414328 fcd5128c61ea7c91f5dd0fdd67eb04fd
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.0.2-0ubuntu10.6_amd64.deb
  Size/MD5:  4048070 8a20c1e88020a82b1831541874ce7c48
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.0.2-0ubuntu10.6_amd64.deb
  Size/MD5:   294524 6b2619e3fbfc72356dc7afa6ee3afa0e
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.0.2-0ubuntu10.6_amd64.deb
  Size/MD5:  1564542 9ba68a1f137e86d212d7eb264008f4cd

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.3_i386.deb
  Size/MD5:   117358 a678e7f1914fdc53c66bc12b2563c104
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.3_i386.deb
  Size/MD5:   677468 1245a799d53d0326992d1fa22bad875b
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.3_i386.udeb
  Size/MD5:   227264 9c15e03342736754f33977e838c6d801
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.3_i386.deb
  Size/MD5:   415384 7ae6d5bbe1a4bde544290a80a3e3dc3f
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.0.0-0ubuntu3.3_i386.deb
  Size/MD5:   279004 3551439419ec533ee6e13b4ddad9879f
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.0.0-0ubuntu3.3_i386.deb
  Size/MD5:   320798 e118c7ba341674944cd61dce7dd45266
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.0.0-0ubuntu3.3_i386.deb
  Size/MD5:   216576 9357f5af25709f7e2c5627960a1c965c
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.0.2-0ubuntu10.6_i386.deb
  Size/MD5:    42444 13fe0025f651e11decf5072e9ba7c88e
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.0.2-0ubuntu10.6_i386.deb
  Size/MD5:   748738 8c8fb9a5513045b418ffc3c37337aaa9
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.0.2-0ubuntu10.6_i386.deb
  Size/MD5:  1241568 96276d9b49ce87040e0d355de948d7af
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.0.2-0ubuntu10.6_i386.deb
  Size/MD5:  3531364 addce36a358f8e1566118b490517d0d1
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.0.2-0ubuntu10.6_i386.deb
  Size/MD5:   294542 401c8007c96f3468eee908422fe384d5
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.0.2-0ubuntu10.6_i386.deb
  Size/MD5:  1382554 bfdc3acaba7eae4bfa8f09466c1a14f1

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.3_powerpc.deb
  Size/MD5:   134248 3f73867444b6902b21ece5e88bda5736
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.3_powerpc.deb
  Size/MD5:   708456 fd230d35b21882e8f33a733571589eb3
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.3_powerpc.udeb
  Size/MD5:   241444 985d65e2f522108b58cbb7101a1c4e93
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.3_powerpc.deb
  Size/MD5:   429892 e96a4115854d6b32907a3249bda2a0b4
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.0.0-0ubuntu3.3_powerpc.deb
  Size/MD5:   290970 714aaa371169f80396afd1d5d0bc082a
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.0.0-0ubuntu3.3_powerpc.deb
  Size/MD5:   369962 cda66f3b003f5faeabe2225356ff414c
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.0.0-0ubuntu3.3_powerpc.deb
  Size/MD5:   235378 3086125be0dd5bb2480f31d4a21b46c6
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.0.2-0ubuntu10.6_powerpc.deb
  Size/MD5:    55158 3d6a6b1cf5be95e00a48e5523d641d29
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.0.2-0ubuntu10.6_powerpc.deb
  Size/MD5:   825340 a5329d0d2322ebb0c2d102a47635216f
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.0.2-0ubuntu10.6_powerpc.deb
  Size/MD5:  1368184 0e1b6171168a996773c760b8b875648e
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.0.2-0ubuntu10.6_powerpc.deb
  Size/MD5:  4076112 3668d14302e64241292219b67e1f9659
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.0.2-0ubuntu10.6_powerpc.deb
  Size/MD5:   294538 5ef1c38d239ef6e6ac65d852d96c1665
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.0.2-0ubuntu10.6_powerpc.deb
  Size/MD5:  1506656 fc1885b7b5f482fe734f5d081b072b51

sparc architecture (Sun SPARC/UltraSPARC)

http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.3_sparc.deb
  Size/MD5:   120076 f0524701f9defa5d49f80b333dba9161
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.3_sparc.deb
  Size/MD5:   683560 22024047655d0a6e26c484d1d231be3c
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.3_sparc.udeb
  Size/MD5:   222408 4a26ce30531b338bc5ce9e16bfcda691
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.3_sparc.deb
  Size/MD5:   410888 897071c782c16c0e3000a9c4586e184f
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.0.0-0ubuntu3.3_sparc.deb
  Size/MD5:   297866 0775567bab801a064f92e79c0939886c
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.0.0-0ubuntu3.3_sparc.deb
  Size/MD5:   321246 8e57f2843bf6cb39a8cbde389c740872
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.0.0-0ubuntu3.3_sparc.deb
  Size/MD5:   229820 c0e50a0ea242052b971dbd43f4144d6f
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.0.2-0ubuntu10.6_sparc.deb
  Size/MD5:    43880 705741e8b4a3cd9b591da2a1b85db401
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.0.2-0ubuntu10.6_sparc.deb
  Size/MD5:   758608 92ca7b1ee8f4509a4222c1dae58cb288
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.0.2-0ubuntu10.6_sparc.deb
  Size/MD5:  1313218 208167a5f9f5d074bf1f162da5377664
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.0.2-0ubuntu10.6_sparc.deb
  Size/MD5:  3789064 d7127a902bc8951e03e70baece970b34
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.0.2-0ubuntu10.6_sparc.deb
  Size/MD5:   294998 c2d3c3b6673c8c8f70d23db3712c134b
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.0.2-0ubuntu10.6_sparc.deb
  Size/MD5:  1445764 a1efd9aa2fa04d62f69771887a5d557f

Updated packages for Ubuntu 6.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.2.1-5ubuntu0.1.diff.gz
  Size/MD5:    32265 c95bae22cdf8aff7dd045ffd19b84acb
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.2.1-5ubuntu0.1.dsc
  Size/MD5:      804 3c64a49cc8029e44361ec5b5dbac0a96
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.2.1.orig.tar.gz
  Size/MD5:  1451392 a584e84d617c6e7919b4aef9b5106cf4
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.2.0-0ubuntu3.1.diff.gz
  Size/MD5:    21080 14f360ae2e6a5c3a535ba34244f513c9
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.2.0-0ubuntu3.1.dsc
  Size/MD5:      923 df21beb2608cc68aa140d315041d9795
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.2.0.orig.tar.gz
  Size/MD5:   827186 b4cb7808df5804efeb457043fed13782
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.1.1-0ubuntu12.2.diff.gz
  Size/MD5:    92001 cbe621e817e97c8a67ee7465bf3fa266
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.1.1-0ubuntu12.2.dsc
  Size/MD5:     2020 e4b095a246fd0a52f314ce371b3e0cb6
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.1.1.orig.tar.gz
  Size/MD5:  8388609 15852049050e49f380f953d8715500b9

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.2.1-5ubuntu0.1_amd64.deb
  Size/MD5:   150940 92d6b1c0aa652e6e8f013ae4048f4062
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.2.1-5ubuntu0.1_amd64.deb
  Size/MD5:   668960 0e5ff244ad6488cd3eb801b3768b7eda
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.2.1-5ubuntu0.1_amd64.udeb
  Size/MD5:   248264 4328e1df8f13a92086bc6dc0c43add50
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.2.1-5ubuntu0.1_amd64.deb
  Size/MD5:   353738 c41d6ae077ca5f31a25cc0f58cbd93c9
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.2.0-0ubuntu3.1_amd64.deb
  Size/MD5:   305140 eaa2799e4a889de2924c16629750c749
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.2.0-0ubuntu3.1_amd64.deb
  Size/MD5:   354690 d06520d61f32e74f26764e6dbc1c14c4
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.2.0-0ubuntu3.1_amd64.deb
  Size/MD5:   242998 5e24330de281bfc1bd33341abb57d967
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.1.1-0ubuntu12.2_amd64.deb
  Size/MD5:    57434 5edf610ecbdd99e59f118959ca0eb414
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.1.1-0ubuntu12.2_amd64.deb
  Size/MD5:   813654 4da55af97b7c83f85c557df79f66c0c2
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.1.1-0ubuntu12.2_amd64.deb
  Size/MD5:  1427180 efafeb1045b436463419496481cfdc78
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xserver-xephyr_1.1.1-0ubuntu12.2_amd64.deb
  Size/MD5:  1608506 39e8887d0c3b1d4b4059a990ccacc07b
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.1.1-0ubuntu12.2_amd64.deb
  Size/MD5:  3917424 d69cc89a0777f800d5e74e3a8041fd93
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.1.1-0ubuntu12.2_amd64.deb
  Size/MD5:   297442 b41410b7b585f2960827f912241891bc
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.1.1-0ubuntu12.2_amd64.deb
  Size/MD5:  1579394 facb0f2f9c2722e4d07af7dea9f838e5

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.2.1-5ubuntu0.1_i386.deb
  Size/MD5:   134026 6a3c9319eba74a20e6f5c0e3457a2e97
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.2.1-5ubuntu0.1_i386.deb
  Size/MD5:   640492 bb5ed3196a9e9fb626c17d96f40b3b2e
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.2.1-5ubuntu0.1_i386.udeb
  Size/MD5:   235400 cde67a8b74de363b4d3e1abe0f41e781
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.2.1-5ubuntu0.1_i386.deb
  Size/MD5:   341274 5aee6b86c26c312e17acf68808b737cc
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.2.0-0ubuntu3.1_i386.deb
  Size/MD5:   291958 2344c15719ade83c6e125e29e4b86c23
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.2.0-0ubuntu3.1_i386.deb
  Size/MD5:   336952 fe81984c7c8cf4a8ca6a0f44998bc0eb
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.2.0-0ubuntu3.1_i386.deb
  Size/MD5:   226028 5456ac2131d824a096d1e979cecfcea4
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.1.1-0ubuntu12.2_i386.deb
  Size/MD5:    50646 23cd4f9ca5689117c09c43ebdcfea49e
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.1.1-0ubuntu12.2_i386.deb
  Size/MD5:   751476 f3769d8fb8508eca644db0c8d9530a08
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.1.1-0ubuntu12.2_i386.deb
  Size/MD5:  1327210 73b1fa3c9d0e365f029962cb4e920b8e
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xserver-xephyr_1.1.1-0ubuntu12.2_i386.deb
  Size/MD5:  1498720 e7e629d60198742c9040687d9c02d108
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.1.1-0ubuntu12.2_i386.deb
  Size/MD5:  3563454 7f18073d92ab9a8a5fbb096b483598b5
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.1.1-0ubuntu12.2_i386.deb
  Size/MD5:   297484 7d506b6a3fee567e20a2a5e7aa6c2bc7
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.1.1-0ubuntu12.2_i386.deb
  Size/MD5:  1475138 fffb6ddb7a71160b492de7c8987cfc9b

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.2.1-5ubuntu0.1_powerpc.deb
  Size/MD5:   148582 24a4dc3fcd4e9ed1cc439178926016b4
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.2.1-5ubuntu0.1_powerpc.deb
  Size/MD5:   663380 d84c7eab9c0a1678485b5c10c99e227d
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.2.1-5ubuntu0.1_powerpc.udeb
  Size/MD5:   241628 bff6e436dc7884091e9a159425fb3345
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.2.1-5ubuntu0.1_powerpc.deb
  Size/MD5:   346870 8da887f46827f7a148b9d5573d6cb526
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.2.0-0ubuntu3.1_powerpc.deb
  Size/MD5:   295948 e373a2fb962bbd917ed1475707925379
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.2.0-0ubuntu3.1_powerpc.deb
  Size/MD5:   353796 9ad2219e7d15c1e5267c922f5d518954
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.2.0-0ubuntu3.1_powerpc.deb
  Size/MD5:   237280 a187dc106461ded50a6cafe3b7e5442d
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.1.1-0ubuntu12.2_powerpc.deb
  Size/MD5:    63432 d611ac901c34e99a1cfc77956c6f42c4
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.1.1-0ubuntu12.2_powerpc.deb
  Size/MD5:   797454 d0208072254a9e1e6041b12f660a7cf0
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.1.1-0ubuntu12.2_powerpc.deb
  Size/MD5:  1401888 9af060d4e15bcbc8bd55ec3b77f8f733
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xserver-xephyr_1.1.1-0ubuntu12.2_powerpc.deb
  Size/MD5:  1565976 22e88a95a1d3dc23299f782df124578e
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.1.1-0ubuntu12.2_powerpc.deb
  Size/MD5:  3983002 3345dba424bb25e0862b66acda8747d8
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.1.1-0ubuntu12.2_powerpc.deb
  Size/MD5:   297498 55dd5abe4abf1c7ef441c85dc070e68a
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.1.1-0ubuntu12.2_powerpc.deb
  Size/MD5:  1541334 474f69d831b778c5825ae02d340556e2

sparc architecture (Sun SPARC/UltraSPARC)

http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.2.1-5ubuntu0.1_sparc.deb
  Size/MD5:   131806 c3d342df6c666a6ff77ad70c7c729297
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.2.1-5ubuntu0.1_sparc.deb
  Size/MD5:   635934 2ba5cf3a10353ed63a2b08a5ebd038ff
http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.2.1-5ubuntu0.1_sparc.udeb
  Size/MD5:   220156 4f9315e0d159b61aed69ae09c8282b82
http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.2.1-5ubuntu0.1_sparc.deb
  Size/MD5:   325494 95813d719f39a3b86f6b44cda4519a83
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.2.0-0ubuntu3.1_sparc.deb
  Size/MD5:   304582 8bca3c95b9e5f10d08357fb32ffa690c
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.2.0-0ubuntu3.1_sparc.deb
  Size/MD5:   321526 1765ba83a127b01ed81632785688a0b0
http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.2.0-0ubuntu3.1_sparc.deb
  Size/MD5:   234114 fd5c8e1b70051aeae6d189037043c23e
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.1.1-0ubuntu12.2_sparc.deb
  Size/MD5:    50314 9fdc77ad9a5448d3b92c3b05fcfc4ac1
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.1.1-0ubuntu12.2_sparc.deb
  Size/MD5:   733754 8d5052a6cb973b478b57efcf9535020b
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.1.1-0ubuntu12.2_sparc.deb
  Size/MD5:  1344340 10ad7e4b138b14102ab3a396fa31255f
http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xserver-xephyr_1.1.1-0ubuntu12.2_sparc.deb
  Size/MD5:  1500142 801229631c468c808bc3570a02f36436
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.1.1-0ubuntu12.2_sparc.deb
  Size/MD5:  3695516 c037048a7c2971f1c064e1644083a738
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.1.1-0ubuntu12.2_sparc.deb
  Size/MD5:   297856 45e8359cdae581b6ab4d5ad683a4ba89
http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.1.1-0ubuntu12.2_sparc.deb
  Size/MD5:  1477724 8d6c6d871e63e6009ab6f9be3b10300f

. This request is used to determine what resource IDs are available for use. This function contains two vulnerabilities, both result in memory corruption of either the stack or heap. The ALLOCATE_LOCAL() macro used by this function allocates memory on the stack using alloca() on systems where alloca() is present, or using the heap otherwise. The handler function takes a user provided value, multiplies it, and then passes it to the above macro. This results in both an integer overflow vulnerability, and an alloca() stack pointer shifting vulnerability. (CVE-2007-1003)

iDefense reported two integer overflows in the way X.org handled various font files. (CVE-2007-1351, CVE-2007-1352)

TightVNC uses some of the same code base as Xorg, and has the same vulnerable code.


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1003 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1352


Updated Packages:

Mandriva Linux 2007.0: 68955a65584a1c964141aa1d0e44f7e0 2007.0/i586/tightvnc-1.2.9-13.2mdv2007.0.i586.rpm 9928944d22067747b5427a15ab59c853 2007.0/i586/tightvnc-doc-1.2.9-13.2mdv2007.0.i586.rpm 9a6643c4c00c3d758a204e1b46969914 2007.0/i586/tightvnc-server-1.2.9-13.2mdv2007.0.i586.rpm 0a4abe1c964ed13e3d445efc0c1dd244 2007.0/SRPMS/tightvnc-1.2.9-13.2mdv2007.0.src.rpm

Mandriva Linux 2007.0/X86_64: 700ed069013c7cfef989263344e41dd0 2007.0/x86_64/tightvnc-1.2.9-13.2mdv2007.0.x86_64.rpm 8a8c9a1721c9521d2224da5b73ddaf76 2007.0/x86_64/tightvnc-doc-1.2.9-13.2mdv2007.0.x86_64.rpm 7a6402ace347731a1ae8722d80a75638 2007.0/x86_64/tightvnc-server-1.2.9-13.2mdv2007.0.x86_64.rpm 0a4abe1c964ed13e3d445efc0c1dd244 2007.0/SRPMS/tightvnc-1.2.9-13.2mdv2007.0.src.rpm

Corporate 3.0: 65109fe6bab801e11e503b60b308643b corporate/3.0/i586/tightvnc-1.2.9-2.2.C30mdk.i586.rpm 3b08614f635cd9cf8b68d7c76d30b345 corporate/3.0/i586/tightvnc-doc-1.2.9-2.2.C30mdk.i586.rpm 0e61567902f05149ac4f08e64953febf corporate/3.0/i586/tightvnc-server-1.2.9-2.2.C30mdk.i586.rpm e019fb72dce33e1dbf2e6f7a3bdcb384 corporate/3.0/SRPMS/tightvnc-1.2.9-2.2.C30mdk.src.rpm

Corporate 3.0/X86_64: ef2e7129cf59e0dbdbf783ebbefb7e43 corporate/3.0/x86_64/tightvnc-1.2.9-2.2.C30mdk.x86_64.rpm cdd378ae7999c118a7dfafd0c67cc674 corporate/3.0/x86_64/tightvnc-doc-1.2.9-2.2.C30mdk.x86_64.rpm e30948128bc10c8aacc06694d986b1fa corporate/3.0/x86_64/tightvnc-server-1.2.9-2.2.C30mdk.x86_64.rpm e019fb72dce33e1dbf2e6f7a3bdcb384 corporate/3.0/SRPMS/tightvnc-1.2.9-2.2.C30mdk.src.rpm

Corporate 4.0: 173bc482a466816a6b0c5a8b5568b8ef corporate/4.0/i586/tightvnc-1.2.9-6.2.20060mlcs4.i586.rpm 5b274d7ac4cd7758411ddbafc885209e corporate/4.0/i586/tightvnc-doc-1.2.9-6.2.20060mlcs4.i586.rpm 41fe3f9509d09eaa69f915afb348fee0 corporate/4.0/i586/tightvnc-server-1.2.9-6.2.20060mlcs4.i586.rpm 2651d5941592eba01e6acf47382d9cae corporate/4.0/SRPMS/tightvnc-1.2.9-6.2.20060mlcs4.src.rpm

Corporate 4.0/X86_64: e1aef1895d0bbbc24690e778ec848d74 corporate/4.0/x86_64/tightvnc-1.2.9-6.2.20060mlcs4.x86_64.rpm 54537c7aa36eff300a96daac296af9ed corporate/4.0/x86_64/tightvnc-doc-1.2.9-6.2.20060mlcs4.x86_64.rpm 342dc521a4cf33fdf775f0c13191a552 corporate/4.0/x86_64/tightvnc-server-1.2.9-6.2.20060mlcs4.x86_64.rpm 2651d5941592eba01e6acf47382d9cae corporate/4.0/SRPMS/tightvnc-1.2.9-6.2.20060mlcs4.src.rpm


To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


Debian Security Advisory DSA 1294-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff May 17th, 2007 http://www.debian.org/security/faq


Package : xfree86 Vulnerability : several Problem-Type : local Debian-specific: no CVE ID : CVE-2007-1003 CVE-2007-1351 CVE-2007-1352 CVE-2007-1667

Several vulnerabilities have been discovered in the X Window System, which may lead to privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2007-1003

Sean Larsson discovered an integer overflow in the XC-MISC extension,
which might lead to denial of service or local privilege escalation.

CVE-2007-1351

Greg MacManus discovered an integer overflow in the font handling,
which might lead to denial of service or local privilege escalation.

CVE-2007-1352

Greg MacManus discovered an integer overflow in the font handling,
which might lead to denial of service or local privilege escalation. 
This update introduces tighter sanity checking of input passed to
XCreateImage(). To cope with this an updated rdesktop package is
delivered along with this security update. Another application
reported to break is the proprietary Opera browser, which isn't
part of Debian. The vendor has released updated packages, though.

For the old stable distribution (sarge) these problems have been fixed in version 4.3.0.dfsg.1-14sarge4. This update lacks builds for the Sparc architecture, due to problems on the build host. Packages will be released once this problem has been resolved.

The stable distribution (etch) isn't affected by these problems, as the vulnerabilities have already been fixed during the Etch preparation freeze phase.

We recommend that you upgrade your XFree86 packages.

Upgrade Instructions


wget url will fetch the file for you dpkg -i file.deb will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update will update the internal database apt-get upgrade will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge


Source archives:

http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1-14sarge4.dsc
  Size/MD5 checksum:     2642 189d0d7d0b7dbbf26755923b438e5e4c
http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1-14sarge4.diff.gz
  Size/MD5 checksum:  3644476 e3ae500a08998d20996e1b386253e1cc
http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1.orig.tar.gz
  Size/MD5 checksum: 59123696 8e6990288c8f1a1d1e03f7c36d7185ee
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1.dsc
  Size/MD5 checksum:      623 95239010d328848d69bbcd59df29ee1b
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1.diff.gz
  Size/MD5 checksum:    10664 ac732ace18f41e829a3c38730934fbc4
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0.orig.tar.gz
  Size/MD5 checksum:   202531 542cb9d9b4dd1ecaf3ed4ff753fea7b8

Architecture independent components:

http://security.debian.org/pool/updates/main/x/xfree86/pm-dev_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:   159434 d8aede0aaa9682ba7997447110d31ca5
http://security.debian.org/pool/updates/main/x/xfree86/x-dev_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:   216476 5401b81557f7953a5e476127544a94f6
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:   158730 8f841f4bc6efc65cc48e468163170116
http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi-transcoded_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:  8195040 c3c684a6c8a3a10f280ce25a6523fa50
http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:  4363090 0a9af1fd8109decea7c5e2bc9342a1c7
http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi-transcoded_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:  7073122 b42b7454c680f94cf4d912d6e263c679
http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:  3840910 eba04ef15ba7280352b8731e2705726b
http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base-transcoded_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:  1203680 546bafab0ffec15de52f51983bcf2c07
http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:  5490622 7d4613aadcadb86fc4242363784818ba
http://security.debian.org/pool/updates/main/x/xfree86/xfonts-cyrillic_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:   541216 16dbec56de243edf187e52c650532e91
http://security.debian.org/pool/updates/main/x/xfree86/xfonts-scalable_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:   901006 adf45fe9c5d1d84f912d2a9b789a1b8b
http://security.debian.org/pool/updates/main/x/xfree86/xfree86-common_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:   815600 154c4731c74c14685319ffd2e5535f79
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:   158582 5ec2b681939a466c832c7b91a6c71589
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:   158596 2a90dc555891313b58b5b0d11e33b8c8
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-data_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:   907066 a82eb5f3920df1c3e4c42c212efb78a7
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:   158648 bed92016a1cedd08e985becce0aadec1
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:   158646 e55d85a5a7d6687cbf802575038344d0
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:   158554 96ba78abf30b4e2d087f2797625589cc
http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:   426718 64389fde8c4cb693fef2a5953fb2b109
http://security.debian.org/pool/updates/main/x/xfree86/xspecs_4.3.0.dfsg.1-14sarge4_all.deb
  Size/MD5 checksum:  5835466 28f15b50daff3453e208642777c1c311

Alpha architecture:

http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   284996 92f0024fab7a481cd4e34dc024f457aa
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   441170 70ec1d5a6b3bf7a36863360747e6cdb4
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   313428 2b07fef9a8355e4d43947a1a63aff81e
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   822188 fd73dfdda3bc273ce185908a3720c45a
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   230570 9ab3ab85a12236d862e78b0f0f87dea7
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   209934 e15bfecad9eab9fb197772520d21067a
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   295454 33ccdd1fc0dc73ccc66a45c0ae8a290d
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   184480 3fe3048544b48f0926dbf6f4d163dd0e
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   184848 b5c69e554bcdce7e1baecdb8a1cb5c9c
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   209954 49853ed0ce0dc522e9f43d77ed807137
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   816088 94c427b0abe62c425b2bcdf372c792c8
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  9804934 4623cd96de525311a862c2e1fad78344
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  1576092 8e18e092949d8bd0f9e5ffb9d7f447e9
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   317732 e2f03ac371b2cbb1a2b84dae43959f3c
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   934034 af848a96c5dabdb756549d66f16f5ad5
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   522864 fe5ee0cf23f25f8e625a1428f90e39d2
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   382736 5fb1194cbf510977519c2f99903f3e8d
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  1100610 6dcc0fc3c214c8a37ef8180a8d0f4fd4
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   522770 ff4f2ad7f5a1fa456abc16994685c6b6
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   265026 facae3a81139d2ce5a0bd21cd665e2ca
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   196480 7cf0508ef339715f25f1ce5707de2584
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   522270 1c140d44feaf9074fe7209933917d36a
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   195706 6b44c3f7c5020cc71d3122fdb43380e9
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   481102 f3cba0d63e52a2af0e63b1b052453089
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   240792 5025ff049d9f7deb22e11a300094187b
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   186222 7c8e6177656e754587aaa42e8083059e
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  1182630 e2738f6b53b5aa55169fc829aa2f3c4a
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   244840 76fed36704d9ca23cc4a91c321490b34
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   219782 bb1280080a6db83d8a97510c70dfa588
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   680140 9e24b96bf063fc9ce13f22fc457a50b9
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   164774 a41d399a9f2d550f1ffc8b1095c4417d
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   172674 13676ac5abfe9594642adc4c054014ac
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   210192 79cdcc5df1939ea1126859397db7fc57
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   187902 dd499bdc63f54559b3e7978c58067a7c
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   182996 ae344d4a81325bb7de8b95ccf977d6cd
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   576046 a1f7ab50d292c9682de56abdc1539e1a
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   212166 54359c662494bb8f9798eb530b05c39d
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   204384 89026d497d9ef72ba5c8cedb005ae99a
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   253810 07d21c94db5f5261077163a7fef92363
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   173260 621062aa574e5a4470cb2d59d58d4364
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   172984 a53a8fbeb82124fcf1ac73b47246e654
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   203096 9fd958db6e8f017b01e9471e56225e67
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   713138 5ac37e4a6928ae1d6214c1ea683cf532
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   361134 4e469b9b10ef878a3a631b58e3b828d7
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  1587114 914c6b4c39ed31c2fbee379e2d0ba25b
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   191798 af942f90192c1b423de6ff15552fe7ac
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   184318 461e3515c225271484349872db566ecf
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   411934 25f0ad51173c5b1a91c657f1218a79ca
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   176406 8c0975faeee6e39952cf1a8ae7983ac2
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   177950 991487364f13ea794c44c3aff02a8342
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   241462 716284f0af443ef15e5a3a2c1753baa2
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   193636 8eb36dcc7cb99f393fbdc8fa315a0cb9
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   174330 9f2e68247409abd7359cccd02ea2ed9a
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   206192 155c096549ecebf30bd0b6de96266cac
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   184952 c60abc527075ecb5c2effb72411506b0
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   289606 9cdbb7e62dc88b2688febd15e62092dc
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   158684 ca7c7c54102b761de517ef8c7ff9f76b
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   158738 e9e98a97d36c517bbff6f7451e8da8d0
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  2376330 27c274f345160933475691031385b692
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   327180 32ee0206f299daf84c440520238fffdb
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   600554 6994f0009df1a92aeba7a11a6a72f4e9
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   184230 7667cbb1c995ba9e2216d51342e67f06
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  4558712 5f077e532f6aef7c0d16f55d37b37a87
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum: 33948052 58f1da513a5c267c6597efc19466b130
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   351116 5184250018192b80b4d09e24ae0f96fc
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  1339534 abc46934dea4b20c63e577f6974ca8f7
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   816672 9031709350853f211428feb2802354da
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   393160 6322d814900e1eda70a70e08aded0051
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  1150632 ce6676e1d7b13f8a28d95ee787e19fd2
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   537396 958d4ec3a45f1bc1effa47a358368472
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   158482 d5382eb6f50ba085a7cf15e352e85910
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  1007052 601156a062591921fa46a3212a868ac8
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   811486 8b324588f46711216a44ece926bdcc2d
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  4640908 2688e37b3f3ad30257e74afd5ee95310
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  1114488 77e08891ea808d8869350f8329852d43
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   490082 8d3580ee576dc319be0ce3681706c9a9
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   246932 61777c7301c1d3ddc00e8acdc3c0bb2f
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  2088768 28613cf2d2f1bc5c0c12c22e68e9878c
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   331698 39f4331d0c561f6e5aff79af12be34d7
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  6595862 5cdcc2dd8744fd0cc46d27de86c66665
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum: 45036960 2969cb0a57378f06b4519b2cd839478d
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:   550006 eca34c5b462dcce8dd12e7da120d5159
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  1033800 744333bde498149283ae7d7af7d7f460
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_alpha.deb
  Size/MD5 checksum:  2271050 c10ec9d6fefb6b5d1f6d429024e1e833
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_alpha.deb
  Size/MD5 checksum:   148190 50852b7df4448215e4d3ec188f9ca24e

AMD64 architecture:

http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   262298 1ce19c8bd9baef60202cd3a97ef520dc
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   367224 848b9949b6ff456b4543ff3579edba4c
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   299272 3491bfc3583d440511b0bd8687d9843f
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   798094 3cda9b3a44c3445a418567f2c19007eb
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   209850 58c642bc21913976fed73c4611e63120
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   205372 1c7e44bf812e2d336f13103253c45545
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   288966 0fd8fdd5b67911693c9ff03f589e3e1d
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   178436 cdaebc2f0a0bab775d04cd8f603a1b0c
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   183446 7fcd4b47cc4e44983b8103e202faebcb
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   207798 37d7f9a57604895952f6cd07712be13a
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   749416 36e10229fd2ed52bfc595c8b708fdb71
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:  9651358 c0b4dd4d11d8ac6ebe249338b3ce1d74
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:  1421668 0f0093d5081ad93c1154d9e4cae3ce2d
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   295162 c0161225e5f92dd930b8c2f582acc80c
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   903762 f48cf6f781708a7eb7b309cd823b2877
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   440728 5c9d6a694d0bd09f6be2f32c97eac671
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   350892 67fcc3ec3099427d4767c6e4427a9391
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:  1044460 00f7bed4c6bf4bfe2228495826e6f4ed
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   440628 701b3a51c651e67b7e2c18e11e30458d
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   251400 ef31c9173b291ac5d78348a840674f79
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   191154 36f3fe9c393cb0ce2dcf5730b0107613
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   512612 3dee7413902951b2a7dd383bae5f0d69
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   192936 b64eb7b1d740d0b107215b291184d7cd
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   476486 92c4f49830414e0dc0341a7ab9efee24
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   233066 4a1a67f6d6bbf17baa360d4fe3d2de6f
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   180474 4f4e2522cb226dfa17d5ba9b0d40e926
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:  1168298 32785a1d0229c721785082055b4fe145
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   226012 7199fab356a9c6381c0a1119bfe52e98
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   212288 6c78ac6ec10145825238b283d4a8ad62
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   662854 45c8aa47be60747fdebe6c34845b707e
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   163456 85bd979736e1119dbe5c73d420d83013
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   172100 4f4301a328b952ef0566b8d7c43b1c40
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   208938 0ddf06170b98d7f0f0d7dd8932bb1867
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   181560 4cf60ff4d472ca7ddac86633e4acfeec
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   180494 45e08ffa571b1b67b08a0d5c2d75e285
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   569452 3569f24efe2174038b829d5d05f1dc82
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   197926 85b5527de1a09c351b03f4018a64b406
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   197300 065147ca72c7a3364f450c8c781fab26
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   247486 9c213618f78a041491f76de00c2577a7
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   171968 c7e9e49de0cb61453be5ffc2aa94e74d
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   172104 4ead3bfa45d1ca8957e5e10c1de03653
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   201308 bb9e5c557e50a45930b680b8f6468806
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   644166 a10f0657d008a8f086b07eed9706b041
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   346064 7ebef79c15df3c822cfc57ab443ee315
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:  1552102 7ba29d766762336706712893e21f8fbf
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   187202 1a1c28f352c671bc5437e52158c058f1
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   182508 e8edde7b41222fcb15b5c68a148a805b
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   413140 e55e37fe1e0224a6d225e88fbafc9607
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   171912 e4d12ec69ebb49ad62d987505704f967
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   175416 5c6da5160e9441d30e0869817ef15509
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   237626 4655e7033b095f39dec9884ae45aa832
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   191668 b091ea03ff5acbf27f0e0b7a74bdf929
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   173528 0350d13430157d5c86819cf928ff29ab
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   204446 f7ebe443d878728a3637ab346c311a63
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   183666 4d2b4de0f1e4a77261b90d25eb770613
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   277370 a8420df28b4d294f7bec2e104cd44279
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   158794 f8a1514fdca77984512353d0b5d1f420
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   158848 2a03cd93698571c4a13512ca990a8db2
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:  2083786 97d1d4ebd6a452a2ff83928bedbb31d6
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   318224 59a6e966e6e49595101e733479eea356
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   516518 2124d855e582ef5e2012daab5a8a600a
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   182408 7ce0f38da0445d6a68b41542f655ac43
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:  4202892 fdef8312cf8f94710eb818f21f3bd52c
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum: 38018732 a168452b292cf7ec130e13c2930e6ddf
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   333556 d64d8c6d1bb0e5f979a38b5538f5762c
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:  1316908 f8accdf7495d3f03842f03d4c4f069bd
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   735302 e548bb1b381140f6a5133c491178df6d
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   368324 730509f902394ab4534bc213ee093a71
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:  1122710 7dad7f9fd6f9910d73c9df4ecaa16c6c
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   460486 339cb1301a8dcc4bca57539c4a7d9c24
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   158598 457cb5b6103df84a88c06f618cfdb9ab
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   789176 422bc34409184b39cb3f224954e2a50a
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   686604 393409c039840d0b0757d82f843e3ade
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:  4489970 b8e7dcf3952f41fb2812905ffc561f7d
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   889632 e0b5d43013c6bc904f40026dd3c06712
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   400280 4e16b740df809e4ca7a02b971a251d4c
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   236366 3c314ad0880bcee610a3e37f634b744e
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:  1620482 f703f2c8e36bdf4cc943b3abe563421a
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   337152 a8751e299ee2bc2fe354fd82bc4a01f3
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:  5695770 e1de32c84f307dffe6c64100b38525ce
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:  6039138 6e451f23e2b38b6c4f9fe1b9d65a62be
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   521528 9e2ad4fda8330b388f5efb0cb59c4d5d
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:   962224 0380eefc014116e02bcea08a187d3bb6
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_amd64.deb
  Size/MD5 checksum:  1763954 d099a99b9f35f7c2a92fba27851f1c41
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_amd64.deb
  Size/MD5 checksum:   103960 e10dc9a0c018be14c3941d097e61a263

ARM architecture:

http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   254506 c4bfe2b890b7f1aa92a6ea50c8fda17d
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   353848 d83d9bea399500268bda162ee4d4d7f9
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   274282 b6b25b1e771e3a003c3ffd2665dfaf7c
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   778514 1aaba6276196c2965031048943a106de
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   208310 93bed067f155c25a867a36f228b280be
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   200248 b8a08cb43eed69036fa08f885785df01
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   285400 94e59aa1305da66cd82e7cd736b4eec9
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   177720 fe578cfb4393d969205552b9904f0eb8
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   180490 45723695fe5e39496c503a4716f47cec
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   204986 6b5f5c883b10d0df4e36da876684519b
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   708938 c7a004360821b10f119b823925f7b4d0
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:  9661608 ad3f42ed447f33881c2a85dfa26c3ed8
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:  1411312 8aaa1222ce69df4f196e85fad581bbdb
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   283694 8bacc834c0bc7f647db4b730fde8601b
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   894954 0e6d96ba308fe7899384736e3028406a
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   437716 9142fbf29b65c4df6f6cdc31a02609fc
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   335288 e375c507a70b653c95f5df809651e349
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:  1029416 7fd74f1c7842bf34e75ffd4d1748a920
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   437618 a5fdf7dc60012ab80d091d6b86aa7921
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   254630 654f145f734a4ec8dac276b77b8c5c0e
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   188842 ca9cbf1890dcd8be553056e006fb9188
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   511660 0cbc8f25a45a380fcd7024a3182ca035
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   189158 28074b2cac5f6d2567a07838adf5ddd9
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   471094 6e7bb9a3985f5d78d5923b889c46c82c
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   233430 995db9bfc5b8db3e1af233263d63c237
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   179462 93ecb7bd10f52380b29ca88a18cd3855
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:  1172306 6510aa4bc254dc1aaf4a718d6ade928d
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   223670 a845d16a971ce1cf0bf4a62224a9fbda
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   208072 908593679b7fc7e8da53b8c034fcb3c1
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   664842 71c12addab4acafb4564f181cd57eff7
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   163218 04f22173f8dbf2330514507150dfda2a
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   171618 fe9c60b4d8ce2b6496bb9d922e54ddfc
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   208674 83f13a1c2d164a7298878766f2d735c7
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   181310 c95d79bfb7fd207f4d90622d3d8c3071
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   178266 5001d9e620dd228aadff0f7dab2dd942
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   567858 97d087ed756b6c6fcda1a66be9da8095
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   198280 462db4041e1ca77b658bdd6ca22808d9
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   194454 2e989bd9bf07a72a21a313bd7fbf9d46
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   243848 b676a5b4b52aad00cae35996a99293f3
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   172170 11b217f5e995f7beb31c047545c33abb
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   171718 7f71e6890619d9415c78dae14019866a
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   201068 766750858aabd3e4ca693ed92c7da7fd
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   645466 0f2f37d4f76e79aee71893595c289886
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   327336 aad47d15f3b07d709e3bfca61f90f695
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:  1539196 220a5d415800dcbc9aa05928b95babea
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   185942 8a041e7c63ea5a48eeb87329af17931e
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   179524 490fdd28d4098f64fa080ca98124a150
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   413616 ed79f35c87fa43b63c5fa5a5bce10aa8
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   173084 3a3b10c302b21e328d5c77c92a11d53c
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   174796 22382068183a2f25fbb2630862fe6c03
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   237432 2f9c7d966572c7c508bf1f4eb951eb18
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   192874 8a02b3523c09a5d20c25e2499c271ed0
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   172932 58f6c0989bccdf51646f6cc85a7ad3a1
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   204124 719091e4ca99073d68a83abc356dbac8
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   181896 0281298f86d1734968f570ec266055c8
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   274086 32b425d803d2876474d59fd6095c18c9
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   158788 9340b0647c7e0509f201b6030ba32e50
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   158834 c3b39287a06ec827f29ff2961a6e5f1d
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:  1940412 a0311cf7769b8009f316dac534be27aa
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   309434 4c18c2e9b31637ffa4638dcd15c5e33c
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   500544 5b1adae68f8062db2b18595d791659ea
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   181030 02052edad72f025589d2267cf0c778c3
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   280888 3e2f8ee82d0cf25240bd591c81fe53d7
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:  1191474 c4abbbb972e895d75ee0ced411ba18fd
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   725146 fc5318a01d187d4b727c24ace68a241f
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   352390 46290e6b3b8fe147aa8d1c2fe1481f36
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:  1098268 b79588bea1a524686b627b9eafcdadf2
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   459654 1f6ae7b019a5a824ae17df9a80a85b52
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   158588 5467c615528a5d4a9cfe3e76afef1464
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   908824 ec265f126c7d0b2cef91918bee54e051
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   409248 4224dfa3119d8d231192700e5eabfa2d
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   226552 3e82b73d832d529c1a6b7e64ba98dfe5
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:  1558376 af2dd08ca667f05a447d7d0ffc8b667b
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   336698 0482b56c7f71d5f044692dc3e70b51c2
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:  5528280 3f47b74fbca3d0793b94d6c02ffbc6f2
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum: 43853336 8c79f42c0a5affa81581acdf66261171
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   508736 68adff865be90604a977176c9cf2684c
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:   906628 cc7ffda09bf14ea886d48f3c9a6710be
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_arm.deb
  Size/MD5 checksum:  1699656 d34c6bb37c3c5f0eb4b5bf822aa36b0f
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_arm.deb
  Size/MD5 checksum:   106868 7e645dba8d76959991e9c624caf76eeb

HP Precision architecture:

http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   264792 9424d7e1d21fb19a7bf3c31fd59c41a2
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   372312 c91f48c32b473e0e162b6b1ca0806459
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   306544 734eb14d0c2db80d2600986840e6ffa5
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   813736 c84b6a4e597102ba4775f472f9aae439
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   212434 bbcd96bb00f58417f32ea4329953233c
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   206934 c765a54d65f4f7eff593c622c7a66835
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   290350 d6934062e7680076fa5204fb542919c8
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   178552 2491a6cf3329a1b3e75050c93e422cfe
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   183590 b6c26839f416745c82e35497730867c8
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   207650 4de6cde4c6cbede4b5d22666ad941122
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   780302 6c521d1bdf4177266123eeebb59db7e0
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:  9906326 bec9e8186d854168c96292f0cbcc2f30
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:  1443564 6f7cbc5293caba59f7d76eba36ae3b85
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   307060 1f3d61dc3d9552f1671b9850bb8b68ec
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   926814 2df67d8e37eea2f3982099958c7f58d5
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   454834 0691f5a5e1241f1dab1896d38b30521e
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   367534 5858d24a08a0ae6a2a5584cd3e24ec34
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:  1070688 889919869c53bbb0a4fa32f4f81643a9
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   454720 471004c0aac198ea9fc5c38d1fc092eb
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   253758 b424edc08b899316821c70525795ac44
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   194058 2f7cdc4e84eaf340a7d1cbc3399e49bd
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   524662 c41b8e84537da3673e6deb03a6b00ddf
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   193438 8fa5c65cfc8e6d0fea7b698d071138f9
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   482956 265fe13bcce21d770a6c6d597954f0ea
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   233902 fb2f7de98c3f5b1e7430c535e54e7ddf
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   182062 6dd46f3db2fa404bb522b135db426d96
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:  1202862 16284f5703bf36c82023c3f9d35835c3
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   230482 69af864210b495ecdf205cc503ab95a5
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   216180 b9cb762a3288b979cda8cba6469cdb33
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   684228 cedf92752aa08f4ce65fbfe96d2e3702
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   164026 7f6e983d2bb07ba429c0a224574301b7
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   172904 983a70b6e4b52541e6bb8b54ecd469bd
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   210406 0d9c427d666629366d9d9a69fe498632
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   182556 5b44f2ffb038758a013d0d86be46f736
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   181626 e8d9d3e7ef2d9e4fd32d845df42b436d
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   577962 75302d045e4147243434844eef3ab539
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   201518 6d1b92e93e4e3f9e1c180124280e3703
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   201996 db76f8d685d31e642f624dddf865a8d2
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   250654 256d02fb05d69adbf774cd9db296ce85
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   172394 51fda3af7874e80bda0336b767b8ecfa
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   172682 819c2b22b4a4d4f4e69e4c571a58683d
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   202344 e6d067d3255b9c23fff4fc7f51c2608c
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   665382 db08734e96056212e56d6f45c72b7b46
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   358688 dda0a4e43071aa9fa663fae4acfeada8
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:  1569924 db27d054597116e63330d43b060f80e0
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   187684 657c19f170c386aeccfcbe896de0f381
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   182544 d628379cff2189fa57ca6276585752f4
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   410980 e0d6fb0dcceea37d3bfd820392f7bc61
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   172844 8d041b5c14691c937dc5d97fff283c7f
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   176412 0f976b467fda140f96bc4d571cd1693d
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   239352 f6be64ed56faa4dfc2e0fb5e0989b83c
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   192220 9a02c09b3c16ab073ac3c4bf46b7a212
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   174108 cd9a6247282ed00294bab503e4c81dc8
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   205572 57303e5edfc3a91f074cf354b1c4ada4
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   183914 015d754d01788c8d4a1780ea27a1126b
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   279790 6c9e6d652a415222746a6c2a4146249e
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   158792 0a19e673ef1b669c9bd3160fb3dc183a
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   158840 a8c4f30320308ba9ef0196b4dc2d60fd
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:  2117262 250a9d60ba2becb670327a9f78315610
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   317244 508110262fa2e49cf96cf9eb1ab6a0db
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   546534 892f8c24b7392fc642bf6c2486023ba1
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   183002 3a4d3f2e8bb6c62501962d6592d6be10
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   339374 059d5d64e82dc90a540a068b551d7258
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:  1261264 7c28a6385ec39831b777520533085a59
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   773180 d652cf318d2aaf08fb64c74fdc4c64d2
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   403704 cd9201d2131b1ae8bc3cf9096b067c78
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:  1175934 e3d0d49bec1b29acb9aad2cc3d38a378
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   497318 21469a1bb347d03ea83c0130bc4820ec
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   158592 20258fd573b5a6e0ec0526cd7dbe2a6a
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   956362 40bf15e3f897bbb8ee8955f25a520189
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   422808 392e0cc23412a356d67fc07aa51bd4d0
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   237592 743bf913ab9198295e3c045ecbf70a2b
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:  1803862 7aa09096087a983e7a16fd210e0c6901
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   337492 82807bc3b69b4efe86c0a3aea38b8527
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:  4100222 3ffb5b75498897f6a9a3aff0d05003d9
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum: 45021232 ad2022b9e1413e5ed610b5307faacc60
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   530248 979dad322b0b9e1619758cd8d5d72f07
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:   977232 1b525f046ce3fa3d84ff0bbd1c72b0b3
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_hppa.deb
  Size/MD5 checksum:  1969386 ac1a2134a3afc4b680a31526ad220c5e
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_hppa.deb
  Size/MD5 checksum:   115866 a101d8b69db97092f3e52541be1460fa

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   250230 3ad753c5bf9399dc00645876680e83be
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   342276 c1f9f7c6dcdd7153898727d128f58068
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   286150 81f15d2bc7f03b0a881d82565390f380
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   782768 c55920ea0f7d13e63d5061775f4943f0
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   205356 b56681e15102a887507bf3285732cb67
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   203514 4cd8e50adfffc863b0a3c0010dd5bf39
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   286264 f2f54740eb60bc96eb7b39817e4fcfae
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   176718 832a20eec2a4c8d198421514f47767c4
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   181274 4e7a1ce300e1787728ae9c43b49842a9
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   205378 7f8ebdef0d31e6169d9cfd6fc2cc44ed
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   725158 eb243b4a9e705f824e9b81ea9ce3f92a
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:  9600288 94eb5086f3528eecc740a6a5454dfafb
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:  1358436 c46f41b1b294751ddd81fa325bf574fb
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   285434 3ec944fb16f03ff2191815789b926885
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   890614 5ccab68e345e79b9a5f87c24613ef434
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   414284 8fb663257fc2aec2637fd15e4f95207a
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   338666 4ae310f5dd35bb1a5735c6a9937bc29d
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:  1025578 b67d080e9096b5488a9a67ffbc1b55db
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   414194 1398106e83b08b50a9c8bd86487858c2
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   246880 eec68ae5de683b31245a248ab7acd995
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   188456 bb2d50b4439ddb8fa6602c36893a7a70
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   507564 bc8514376d15899b530608ee6762e222
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   190786 de17e522a4a47b3c8594140b1c832042
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   469928 86e0dc5f50e01d92505ae4565665c457
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   231136 947c90d63fbb09a0435fa84a73800b18
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   179574 c040ea78299a4a77cbde6965487be65a
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:  1166540 eeda20ce5fd4f83c098fda0fdd663e6f
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   218400 5d475727a2de404128fdc25622d6a5c1
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   209834 fa5a4db6f1de17988bdfed4e64d66f66
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   660018 1a98de5deccf0642e85c5bbf44b158ec
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   163124 dfe3c393889e2ba0bf421164956903a2
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   171780 0e63f6fb0fc805769aafede4d6be14fa
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   208498 45c2ec6249fd478854d6b51a8ff64d03
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   179038 196d08ddd654b7095b810bf2704bb668
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   178710 935bbc6c8815b64fe9fa01cb39564c95
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   565340 d93c4e35f9a79c72f11cf5e61e6685fb
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   193686 1311a58096d095810db6de874403f144
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   195898 a8c4f1a3cca264a4de38384909ae0527
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   245344 3bb2b5834a63fa1f6ee7f6f73455b14a
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   171098 c7b8b83b09b599b65f41c2fb2df9e5f2
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   171542 9d8ba30823322ea55436910855236d40
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   200314 db2359a4dd12eff662f17d16eab080e8
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   614302 115e64adc6c74af37bacc0b4e54fadc2
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   329404 1e75dc920d8fd10a64dc014b05730b06
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:  1529654 18594c501817e10451893310347ad4e8
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   184890 132a6b1b5ab8f182ebeed781e053ebeb
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   180554 6f49732e209e38e6dd779252671b963d
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   410264 92c96bc12e1fe35ed18d5e863b71691b
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   169914 24a5fcdc4ebc93491a0f70ea2d5bc26b
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   174482 fba1ebdb9743a7973b5d3d5f943b1521
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   236504 0ba491e7dd63b06e116becef32a9dee8
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   190596 81973bd063623df482c4c9feb53bfe1e
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   172632 b4b5474d58ceb6869be524e7eedcde0c
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   203054 50753c3e0fee1e35bd290da7903eff5a
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   182762 b8bc97c636c1f886a306063ab2888a41
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   265068 d6ab5c744507fd1a9fe6a6828019d559
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   158806 0c80f911f973bb7337586d624a6c747e
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   158856 fc61c5e9ea820e7fd9e3510310245bad
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:  1941616 b050f50404e8d7bfd11296e4745fd3e3
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   309596 0f948324ca3602a56a9c6d6d7029b902
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   496946 04c400f07131f1fe396100ecd83847f6
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   180580 fc2e265ed3497fcf03781f0edb71b8c5
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:  5009168 582136777e3fbd1102fded416f9bf804
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum: 49495214 a9f69894995ccf02de16ff76c8496f77
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   283386 183aeab2a61618e245b585344cb1fd63
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:  1230896 aac25d99c5ff9aa3f3ca8c7bd78e57fe
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   705172 6de19e9b1c942c1c62d165029b0dfcd8
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   366064 1c48bae8d4491a4ff4b676736ab175ca
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:  1111016 9fc618a5c445ed61ea1099d44730d9a7
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   435082 17cc6e82fefac3ff0e0da0099fc261f4
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   158606 9c67005155a274bca06964f26be4da79
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   790330 984dc8f924bf799cd1a31cde08141708
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   662110 2b3d55d989a06edc35fd750b86258318
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:  4582490 83d96569620caf3995c115f0182b3b41
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   855012 86b0f0f3c687cce625e825698ba95298
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   384546 a8ec4021a27da614968f11b1f0d84c11
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   226984 e02156abd0bcdde44b2c4ba6027c0978
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:  1467016 dc5564cc3943f59450e050d240ac6d19
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   336854 591e181619783ff7003be7ed6b20529b
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:  5744114 4ce1994ca3f0aa2035622d5f730c7245
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum: 54929832 6ba49cd3398bab6a3b82d2eb7fac1afe
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   509408 3a68d04348d4c4b53640706b960cb227
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:   912694 39f690caee0037461c210233ae9ea846
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_i386.deb
  Size/MD5 checksum:  1603624 a09b4b6b58ab30e3b0cff0df9cf3fdf7
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_i386.deb
  Size/MD5 checksum:    94980 1c57e38030bc1c7311695cef03d2b560

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   301856 2536934226628d0349840161c4239311
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   423574 661cdf850136cc83b7a2f188e53a4e2e
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   335342 ecc1597e1221d6752b87b9cbcadddfad
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   836740 1d1f928ad5a6075c7b8d26b479c037b1
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   229996 f96e4a0405bc4e66f93efaffadc4f2e8
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   220530 5509e9624abaeebfafa2238a8174552a
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   307000 ef2bcf7574ba2874133c9c89faacf474
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   183790 da2e6b761cfb3ef2da02967c0cc45b2f
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   187868 e4103966dc75c710d449c193d7b0c172
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   212436 b73882b850d9a14ac2676853b4e1365b
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   906316 a140bde98edf1894e6e35b655e617f5a
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  9887962 ced2fb3657c9406a8dc3888d0a9c720d
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  1606148 f68d2172e7981a2922dc4da5460a52f5
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   355430 d8bab5f8af5411b72bd4c99314b836fd
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   971308 98b9821f558fdc43c5b4dec4b50e82de
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   545418 0381b705666026787bf62d1b19a1d326
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   437162 b40b327b5b0224d4ea6284af48e0ab20
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  1155500 7487439f9ba76ae05c3037d3db271a97
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   545322 899c08785c157f10f657e7acb5ede406
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   264566 5278642e58fb8cb61ade54ae9ea00125
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   201316 aec4b6a598c0d37f9ee2a7c434560ca0
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   525084 ce9b348e4f455a0e236c8abbe88894cd
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   200834 9ab987825769ca0885bbefb655793bfc
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   484850 f43c52e902a788f0bc47dad4670dbc13
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   241416 a6c1ff2791d41b528d34a2a5b7e0cda1
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   188316 70ec23e87366fe5d62cc6237a34df58c
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  1184954 478f63c5a4364655aad8b35ff2b58d2d
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   247942 0d03221e400cdfa4dfa62437e859af33
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   230070 4e75172f67d529d5b4960586dffb2326
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   689792 832b63f9f3b4109df89426905c5ddcc9
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   164948 8183cb1e03648f3f6cf19544eef00abc
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   173644 d194b2aab4f22ed2016a21cfc6cb554b
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   210708 cfac0d9056615515ca8baba68d750c5e
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   186904 14761ff4b77ea55e8d5ea1bf838098b8
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   185238 d5f89d9c59ad7bf9a91bdbc7329dcf9b
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   577486 23dcc7933085f8c1ed9ca319bcfb8d5f
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   214096 6902cdbbc99c3d21d8e97d3b2d962d0b
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   211598 bb9345c62712925a2a31c681f80d8c78
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   261608 4ee5e1029fe9ab66213c57546ec099e1
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   174596 7fd5a663614670bce66dcb18686707fd
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   174482 3ae32e6fa2f05345221cdcf5222a0a76
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   204366 83a4a11374d28f11276a812af5a4f189
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   734512 83da9954a4e88ea281aac8e58cce0417
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   410848 fc544e2b161c9c796a97e702064c7814
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  1627622 3ad29ccc7e3aa3ff849cf5226a378662
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   192576 191f6eb877c6220b15d3581748bf080b
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   186708 4778512f96e02cc2b00f667b7757dd58
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   415204 c1d5735cb1197a99a0d4a6e08ed8d2ad
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   176850 4276368e65cc7b6d0ced6fee47fd1325
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   180028 535e93c0336b609113938920d2da7b19
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   242192 7a7a71281b43033019a704565a9fc691
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   194772 f6fbbe744696aab7c36f1f118bbbdd89
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   176284 1c925dce81cd41410c433264025c6159
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   207898 981e0a72852e686ebb94b8bd54f16134
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   188648 08fc0d4fab01781603e9572fd3e839f8
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   312324 a6c63c439a5bb043fe320f4779f8f31b
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   158796 49f4feb5a9fe370f6ed39115bf6dae30
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   158844 9fd7480c8f47f27fd6e0bc7bbf847533
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  2774492 3424d3799ae9b7b08e7a66185aef68f4
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   347898 8ae26bdac80c228f162b0fd10fe25892
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   693412 f1a383a2bdbf67626c4389de56597a17
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   188856 7c8411b390713431d036b549a80f8d61
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  8121752 763ff2b160b0c0712499eae573f40e44
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum: 51595076 6dd701a0a28aba2219034d6f2214121c
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   349704 baa5b652ac7da0154ee263c3522d04f4
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  1324528 4854dde9c6fa7cb0dcc6c3862507fb9e
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   797068 1ce3af82028237daea128d7213e89cf2
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   447492 384596efd464eb27da2bea8b426e9061
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  1200974 a9d2b33b28b815cb01bf96ae96093032
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   553512 bc158ab22c3d8949e0e9486d6518af40
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   158598 116aa61965b7a3b91b45e317d3e91b75
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  1081118 e8b35d16092f656359e9c0bb99b74179
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   946692 c3e728e388711e13d6d2cebd03836e67
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  4773708 fb080167239394d3ba3ae4a71e737546
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  1165792 e9456cdb9978268829113f8f687f98ef
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   494608 cf64329bcaf705b4cef3f52c90a612f1
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   260258 741427f481d436aa87d90d59b3e92379
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  2383910 4dd936295dc3a5d630906d9c510813ca
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   338584 d5a558ca2dc8e909834048e78204d3a0
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  8457416 479bbecbef8d2971225628529a160bb4
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum: 56511442 b7f8fd181b9a684eeca40bfea3d185de
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:   581860 4ba016a1f2b41d055eaa081ec5b04bc0
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  1133422 bf77f9281359939cfac6fe550af95f6d
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_ia64.deb
  Size/MD5 checksum:  2610628 6cc3b877c5b52e77dac0e83bd58fa390
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_ia64.deb
  Size/MD5 checksum:   145704 d959399c76a6f63626a83f75dbed9d82

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   241018 77a07432c45b9378936b86794d2bcab2
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   331138 64ad4122c8f105a06f56c23d9174cc10
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   282230 c554467354b448f9e165955af4e7b4a2
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   785174 dd08487031b3e63b50533df646c0e6af
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   200262 060aa0d9cb7282199ca18305b5c821f4
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   197746 83836818743f4dd92b30ab3eedcf362b
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   281672 1e1caf7322c340167bb95486494c3012
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   174714 87eddf9c6a897f97952aa91c838eff89
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   180594 573276a89f23874cac04d56e205aec69
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   204752 51890686ef5fe0a32afb5f760e19e1af
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   680616 7200fc49162ebda0d53a7ab4a74bbff1
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:  9735198 4c7d703ab09a32257fbb4a7a9ca6ef34
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:  1320712 16c0e121877da9f823914a14d3e5f40b
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   272166 df7b6958c0a1c7017a30f9c7b78ec723
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   885970 0c270453838e035b27714ed71bc9a952
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   389520 46a680064a2f9a1e888df2bd7f7aa903
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   319674 7f7e6f24dac1b7e3f4c41bd3f589d281
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:  1015288 3253f3dc4f1914004ee0d58e4e1c0f41
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   389430 759f32add2082c6df77263c182b8dd05
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   244390 12f93645d7c7f68716ed544613efeb6a
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   186086 e51920992e3a65fc3d6738517e449792
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   513588 dacd493b35a8a37d1b0326ec265f1586
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   188836 96ec2b33de1690dc8dc1e4dca8a5de24
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   478026 59ab765625ea9dc6da641a8e5d01d1f1
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   229372 59d34c9c15853cb410d5ce3d35924d40
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   177524 788b51e970927d25728e597d6efda2f2
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:  1190632 24752ff589468af8133e0e27661cea93
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   213748 ced2278c1ba39a77143cedea80190687
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   206234 4fbbf0148b2cd42a69521255000601e5
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   666594 e2ab67ea5ba09f7be87f51beab9d5886
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   162740 2da7b2488ea0dbaf0582960cfcbbb782
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   171686 6fd94e0375a1bbfa758392035ec76c73
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   208966 03cc15b63c820c9568275e4fc248afc8
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   177938 0298a644eec5eb22c96672b1364f8ac4
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   177392 221bb28eb3760c47fb26797e692d84ac
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   571934 a2e321f788912dc8f4591fd1dfc50c79
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   189722 820323286728158435103af5db8748af
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   191700 7e3e4d432fc65a82689a629af33b6cf9
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   239296 141d8cbc8f454a44f79c13dcf1152e3c
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   170844 1a5bd0bb22fd2dfded42c17de02bf2cd
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   171222 3aecb797ff7774a2ab5cbb020b8d7583
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   200380 10901ad8dc53221e014db4503f5b1891
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   597690 1e422ffd7f5c0b308b54d0a5a732ad56
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   314590 36483349e4f37219f5ab22061b7c316d
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:  1518028 6dd17e0c9f3869be4bde36d09a1f5cbd
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   184100 90bfe448f4c46e7032235e8a41f6bdec
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   180192 446b94f914b87c2855ab2b6508a001b7
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   408988 5a315e50bbe97cf00ab9c286168480a7
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   168920 562498f992c6e330578f5545bfb4c183
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   173734 43011296400cc534ad0e2763a6948209
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   236732 9df9f6739611fb0fb3d13be1604e944f
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   190134 7d2773cb87e157ca3872a3749f080ee3
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   172066 be4d961e36c50d6db22d0dc790527cfc
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   203030 0ae15e99cf268d4607a9ce9f5a0499cd
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   181158 51b4b7ed68aefda9a8c7c4663825bab7
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   256204 6f415eff373b0dd082c3c4cd88f38968
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   158800 518d8866e2f0538a14a151e08205455f
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   158848 05fdf197054b6de0a875f55cc623a90f
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:  1770534 a5a3246a865619f16873171292728d4d
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   304782 8c26e77f964dbabad39172dde2f11b28
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   448136 9f5a9f1a513fe8b4e0daddb3500689d4
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   178986 1909446f56c676490d9ac52676a45e88
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   284944 026317fc993d1fe1dff80f1ac1eb91c5
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:  1197212 8fd8f32f6f3bf0a11401ed7597f39c1c
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   689460 a050bbc3a8b3a9f1789aee998e00c918
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   335758 e8e92c844a61419c47bce1aad77a59d2
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:  1099042 0a495c48978112d48a084651984482a2
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   405664 210e7f001efffbb8aa0cb72a30ecde57
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   158604 d34dcc01cd3ea7779abb2fb03a07c035
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   758064 dc880642b8b7e1a8c29101b281d493fd
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   349048 a155502b312c00034f2ae0ee55a030e4
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   222330 758c282c2ea0fc9acb71bb81a50de8b1
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:  1240584 4882905dcb51ec7943e1a2af30de7411
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   336750 626286fb3dbfbddac46db00f94247987
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:  4544002 e4cc4d1a010460c47e024cbbb3da404e
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum: 45450578 159132c8cb652641dfa6a9e0fd0b0983
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   495068 9d646f6246283c9d9ec6203027418988
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:   873524 2490473ac20b90a37ee823bef1168001
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_m68k.deb
  Size/MD5 checksum:  1350020 fefe13b0d055607cbc25bea8a8700fa1
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_m68k.deb
  Size/MD5 checksum:    88642 2e821aab336d92fbf4463ec68d549df5

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   269036 e0d614a89eb3c3f0d76c1c32efb658d1
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   383674 85999be5fb8483b01f78ef55432996d8
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   283268 960f5f05ae7fda8191e7c3a0470519d0
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   794896 15bc703842b5c086c0dc32a365e75ec9
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   212428 6e245b0237e014fc807aae8a83765de9
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   200476 7f451738d1c701f31063eca4714a3e82
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   286068 5abe8c7d0b16a59be535313f4a8e5c41
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   178320 26290f78c879e2f18a917e4a0d594c83
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   180942 212958ccdb25420a7e8c85efb757419d
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   205778 62298420a535e5b9e334be552e02bfce
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   741164 dc4a231aa21b24592af81779a3f0e63a
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:  9875488 04e5abcf7f591272784c4e8a2de04600
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:  1448650 ef0aecd48a18d8c0328f8aed260a8056
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   291898 1d19096fdfda44903b79e0e907feafb5
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   914694 5cd35836ce90b31192da903fe74b9464
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   457170 75c30aaae65eac879b12d96746024b50
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   345484 61ae086ce3fe377c7ad719ac15bb0e81
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:  1053840 265f890d3f31f22adfe12929e6927d1a
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   457082 dcdadb44978e3efd8d4de14b1bb1e779
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   253440 832c6d9c7c66d6f5de7c8e01627413aa
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   189378 ef74e7e76c3a466cfe4fc965762f618b
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   519556 edf155ff90decb7a0faa5632b5a4cf4f
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   190660 86464457c3e108661887610e5ea83283
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   481658 4d02c7e8a59fc882c249abaecc9fb231
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   234346 48396e6b0a99add4cef783ac8a7aa4a2
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   180312 7065ff48dd57fc4712290485943d1884
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:  1200778 8891af2a2b97901ba15daa436bc4a8be
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   229230 b57f350a0b45180482d4773b4d4906df
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   210238 f1d4dceb06755ff6eac535ead7b60e48
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   679006 ab2a5d9d9cf347380e6e8f404972b3a7
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   163800 0cb95c62798ce539733e1b6d5f4cd10d
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   171894 3dbd7c7abdd64ee3cab8ab578c28a466
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   209482 61a6a45b5b9408f3bfe16d0ab2677e7d
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   181812 9608b04167f37a788a8363f622038b3c
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   178568 2643b6b2f300b44e9164920e90bc1e32
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   576458 dabd3f68c6c430a417eb265c04f97dc8
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   201004 53b5143cb8b95dd74f4c8c5394447c9e
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   196860 85d7fedaf7f23cfa9f5b852d7c2cf804
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   246082 ac0e1f47165a1449ce01d6fcd99ba377
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   172422 51a54bcd72bbfef34fff324215046684
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   171978 098bb8fef374fd9cacf44fb196dd6a08
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   201692 a0e794a9a0f11782c2a1e2c063c907c6
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   658488 cd7fa7d1d143676db6f5b3c669ca2e90
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   337488 ec3a5b787c6ae945a8d4701894b6b47f
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:  1558432 b758c6ae00f6795c2e7612d2b6869427
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   188076 b6383e3e11a196f27b0ebfce5a1249e2
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   180856 1b3e3fb923a6fed46dfd8a9a819808bb
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   411938 8ba6d09b8b594b964de932b10515a848
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   173122 cbb902e5f1004d524bf428ccbb476af7
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   175272 78ef33ef661531a62de80c9e02927a3d
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   238884 15b59465dccda67bd09e4882848efd07
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   191990 068d261c0a9192bc379118779f04e730
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   172872 081f29507e3b42c5a947425a865d6ab8
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   204250 ded6fc6a4c13e4dca7a5fc897b95789e
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   183656 769f16754e841d2b3ede831430ee4d1b
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   279012 21e6d974d7bba679c7d0d297694eb6fe
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   158790 8091cd2ef7e411b310f45861e8588d52
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   158836 433eb908c505bc4abbf45420e3b82ca3
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:  2107564 43918ac8ead8b2af80800041bf871aa8
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   316422 c9f27358a4f5da75df8128109fbb43a5
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   543002 cbd4b467bba106c92b1558ced4bf8fe3
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   182624 8420f1c990880b012d9323d0a68d3628
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   283842 98edafc555cb17b7705e96a739f97594
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:  1205152 6ccc49b27787b426e41d30cd7344fff0
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   753068 25ce758d961646072a6738b691c16d0f
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   373414 5bda413e620bb7c40b30cd131af86938
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:  1144212 942d59d8482805825b108365bda78cfb
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   497118 379dc047cf057a4fb194eea11c9d3ca2
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   158590 cba4b0c3960a04583aa947eb3ec21aa2
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   933874 1e1331ba64cb1508c4db1df59ddbb9aa
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   406030 e03c389daa5f6be9c72eb63353ce9d72
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   239710 a99463cc6de040a91e2c3485a6ae9b95
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:  1737236 4268b1a0b2a4ca64811ce65a3ba07100
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   337538 989852b0a430daed12875e29a361622b
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:  4021462 de4bdda63e45d94a8132c2e94c252449
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum: 45540760 1f5b16eba5dc648b0ca7246db7a2d7ff
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   530278 1489eff24482171db1e388ca730595a2
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:   983238 a32855e77f25c7e9e21aa96ae8a9d2cc
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_mips.deb
  Size/MD5 checksum:  1898580 582876c5ccae25dfd144bff7bbfc2e44
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_mips.deb
  Size/MD5 checksum:   115348 423b0dcbd2bf60cdcd1dfecf1ca9e85f

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   268714 b457217d19fd8fbc43666f54ee3b422d
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   383552 5d7b8a8f054a40610496c7b169a02bca
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   282270 3916d3d6ec212b8cf958aecf7283b697
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   784426 8f28ec91456ab0aa9c0fb585b27fac4e
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   212428 28ad717314bacf8db05ae3d9ece564d4
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   200466 dd18ec438c8d6db747479b46253b8535
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   285224 025be5d014139ee126025ded5d029419
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   178230 185fd834949d9ec6c15e7df2de864d86
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   180626 b7750eedeb125264f01a77756e286d39
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   205458 7a79ee705eba1fb54f85e5038eb8f848
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   739610 b6d8d9a3ed6ffc39b11b76fdd5e79f4a
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:  9700772 302744dbd76e8b44a9d13a47cb612994
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:  1448742 398ee2c960b1655c3357c45ab4fa1c5b
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   290434 a76f2678ec211948b0145199eb3a3b21
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   903856 0ef7e41798e292ab28d306a702e3b7fd
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   457676 5150db19a905714fb4ae3b84c7cf9895
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   344002 85c98ccc42151375b8cf1ac34adf0d88
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:  1041318 8355f472163d812e23d1a19b228a8871
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   457578 36228c60dfbf7761a288345c41e625de
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   253406 7e181529a011d49edb98d848c310ae7c
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   189256 419ac92bdd97a369acb97492a734d582
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   511450 c7e564de37bf7b6ae446f0a4356834a9
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   190518 82c1bf1e8dce203b3fe4c9f8fb36fa55
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   474102 3d171945e9beddbd6da2b320bc658277
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   234434 38a1c3c1edb0c74305732e47911e7073
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   180340 48a789753e9e584c2f8a611eb00cebf2
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:  1172822 4b9dd118b18567a2b9a6d70eddb2cf3c
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   229446 ef7a8df51a89a84fe1a8e9255407a95e
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   210292 1baf340db8decbb6797900b34ef01ae9
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   667708 80772935e2ff170fe06c8f0591d8ca69
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   163802 b288b0a03e674709d36f073e2f2aaabb
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   171858 03c3e449b387a91482d8b21e558c789b
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   208910 52fc67c2845f34df0217cb67c305647b
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   181866 37a8cd44a87026d32acc0df14da75c1c
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   178588 7a195ed2a458db3d80f37e74c7132826
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   569302 4df5863188eea9c531fb34ba8c914620
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   201112 9b6e9c39d38d1177bef58eb540536657
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   196894 afcef91937f62b700897557f5b63d4a3
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   245904 7f24c0ca154a19aeead58088bd176293
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   172436 23d27469a84fa956caf3311f66911069
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   171948 16d85086518604e7c07479209543ba5f
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   201270 d4743d9d59253608e7fbf3732ad32bc0
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   658586 e4247b61d8dbbcc543c2f81ffd2c4f2c
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   337020 f6e748c6108bb629db19d0f0b890d899
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:  1556268 1f22fb32d46cd7fcaa817e767ed63e60
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   188070 b134b00d3918725f076deb49a8315287
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   180752 2ed8865fbf082082b83d692f8b404911
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   409362 c060bc4bb1eefdae68faade8fc4d0e6d
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   173228 c7a08401264d1f621dfd80876984c34d
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   175314 9224ffb5723a2ee658ca751432781ce3
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   238006 2278377f71a0cf0e8214202a7c137b3f
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   192078 cdff976f851d9a639d546e17f9eb58e8
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   172872 89a7daed133f163b017cf4769fb72e90
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   203766 8425bd077cdbf5636ec9fa3a40899b34
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   183666 b1cf636c37dd8e9fd270cb46bdc1da1d
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   278418 5729538d364f4f5c8726f788443eb972
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   158788 fb6e373cc9fcf5f7e2ee4e97cb10a4fa
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   158836 3cce8809849b8dfb61f5ecc67afdf631
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:  2104034 acbbc4ba7176a4b6827fb183a2285c53
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   316226 bd2701e346c38ea1e280e4425fab0dc2
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   541750 a16b41e931f59e0c3ab64d0f3fe55591
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   182688 13077c7b948a560332188b139fa2b88f
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   280024 fb4d9a96e61c132dbc5da3b7784a973d
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:  1181102 b99aa55dba347f2a4a319fedac46bbb2
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   740438 be2c7a300dcbc8a5dacd51864f9b5be4
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   373234 7ea4c99de128c118ee62cb7a2360d47b
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:  1123652 f0f7eaef8ac9c91960474085f31a354b
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   498380 d46fc14c3ab96e6116e85720039c8bb8
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   158586 01acd9c9a697fda89a8000adc065aa4c
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   929694 4dd351958a4ec579a305e18b17dc6b79
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   405110 4a7c191e86ad082b1b9a2b16ba52c64c
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   239834 3a244ffb3637774c3a07cc33b4d742e9
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:  1734732 6014914b81a49f5d8210e2beec459785
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   337532 1b7712671ffa568c1ab87b9a893910cb
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:  4015554 6343b81312dc1b38035e449f291fc788
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum: 44830508 dc93444fc9f4fa33f7525463bb348516
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   528816 facf36f32b31a3c47511c50cf46cc5fe
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:   972000 0b2178929d57a1967d588f928937874c
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_mipsel.deb
  Size/MD5 checksum:  1894746 74c426c412ffec5e16f485d18301ea08
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_mipsel.deb
  Size/MD5 checksum:   110416 54d82d984ebe9e4b10e69b672c799cea

PowerPC architecture:

http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   259230 4374f6ebc9200d2174341043c112e109
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   363334 160fc4f3333e6b709bba658d2178543e
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   296960 603c9c356c7301bbb3fa9916d1cb0ec7
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  1134504 cf85fbc14fbbc569c1a7a4ef3eeb4808
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   209880 219329af51376127e05af35917a68735
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   204442 d1be96893430d198b15d594d56243a9f
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   404728 9d57cd3cf2d5b249e0cb57d5b30d95c6
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   178144 6cf6e6a63688c7a97e37c9474f3e152b
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   182676 56c556ab6b021879101dd701870f0d65
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   250214 661e49c5917779fbef900cd019df3247
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   739352 a3415710c7e7386754bfc8682cfa711d
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum: 15237950 e1fca6c4017a83a43ad693e5752cc807
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  1400632 bc1b20f4b7c5d3b77ae0aee63effdf57
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   288220 a55ad73354c9090fcf0d8a5cfb4799f4
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  1335508 683a85aa5049f6cc62fe568d5b75aee7
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   441158 7a73bd998d60d98474044473d7e1e4d8
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   343294 71f1eb94d8436bb899d8de6a32da8aea
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  1514616 f021b0e71a36cb05f70859140cd708cf
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   441080 aad05e6166ff256afe038261e77efe62
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   249610 761be7ee18d488fe34200d0dbbc67dac
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   190510 21e8c664853cf494476e67cb3441b53d
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   724186 ca04220950d4a6182b19f8780a9dddde
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   192026 d3ddb6afd8406af0243609fd0d7dd8de
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   692830 1c8776ab048bbdd4a30e383cd1108e52
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   232648 62b9b0108d803f709ee26a68542fa3a1
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   181744 6f123ac1a4758926ec51709841b13724
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  1859126 e043d9aac0b66d62a620655a39ad97ed
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   225148 aea9393faf4b0edaa9103232aa248464
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   211792 137274f7b5d4883a35d6907f280e38b5
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  1007240 a635dc4740a9dfe704cc24877061c81c
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   163706 b2b7794ed5fe042e0c31fcc0cfb2bfac
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   173614 493da0df5065a4da8158cbb17f36b697
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   235184 819d0cc95a1cbfa835a2ed4b7f786165
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   180726 45d11fe75c08934e876787f7036f318d
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   180862 a30b2742d24be32833174a4a804ef6fa
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   832030 585c0fe336d9a51ddb9dc21768227226
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   198874 1294737db5224ab3296bfb9044e8832b
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   198864 19acebc0a0478a55f99d2bd9f90498a6
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   464002 8842b1d84d667d0484b1a421780a63e0
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   171644 bd6629f9e652228fe66e9b0c391db4a0
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   173334 b0095bfe736254c0bc7b5c3909879ac1
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   221334 b1e3179f2ee6d3efe7cc26ed7da5d3b1
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   645354 f78947afb933be6a464bad4620abd8b2
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   337340 1462471e8b2e55e967d37cb0dd5dcb7f
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  2248906 aa39c626a490e7443a4bc380f9773aa2
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   186706 da779c8c5330d0407be8fdc8bb8173ee
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   182192 63d57f316755a6d883cea67ac975f639
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   553672 2582cf21609c1c49f2aa094513e6f4ab
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   171892 040e3f801d40a4ad1bd3a1571ddd5e1a
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   176836 0e5e5ed5df4b61eb6f24ecffe9211206
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   279446 d3a872368f9df7580597389c17d978ae
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   191258 80fb2c1ad08d119ba23bcb3fcb16b1c3
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   174466 9be15db49e12d9c9cf4f749fef17e8d2
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   225114 69f231b8328338e02f8da31394d8d5dc
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   184286 f7c882400c739e3599e75e321d5e5acb
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   272710 ab4cc869a57b10cb0950136905b8c48d
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   158788 3133edb2bd3a8df3a82a7807309249b1
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   158842 f39ce73aad052fc70749989b60d0072a
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  2112920 b63086522de7681a0082a78c5b041518
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   314958 8e52d4a60a0d1b437b06143a8e7993d1
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   508794 28d7b024adde446fb86c6ce2b1f858b4
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   182900 61d45fc72d6d420debb63987b059bdea
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  3083976 db3db557ea4f14e99e6a43e0fb800fa8
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum: 42024226 bc9a1a771374a9bb65beedf768629680
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   295876 9917c43004b8dd006f4b320bc351abcc
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  1904654 b5a2262a4e002e36278c656286efd8d6
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   734058 18a3ef403198404e9c682e7e797a3491
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   372376 1507f1c52e26c3fdf13edbfdce59f8b6
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  1613144 b01d825bab12e0e3c0f72774df57f51f
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   468614 eb933fd5af24f8771376e3acac3ef193
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   158594 8dd4211d7bb00d471443a02fe897b828
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   808074 d72affd1921fb02b1116143642f031f2
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   690206 e141cc451a8bce56da60b2217234b6a6
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  6682418 be6e6132529820193e66e1c55f007dd7
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   885710 ffc8c7adaead9e4f332442833065ec76
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   390178 ccda487d5599a7a8c15280214bd193ef
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   233004 57129736c7e23d01c991f2352001934f
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  1583670 2dcbdfc3cf2f7f3f2d59f50dba809362
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   337044 ead33998a914ae257d59cbb2845038b4
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  5796628 308e7e0b85001e7a3cbfd74c83bbd980
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum: 46807434 a9fe3ab81b63f9640709771ab32da4ac
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   515612 173f57fef319a3fcbf3ff2a7a9ba2e10
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:   941398 df0360a7806665dcce1725cda3b5250c
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_powerpc.deb
  Size/MD5 checksum:  1729414 6f361ae8c82eab376e14112caf563627
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_powerpc.deb
  Size/MD5 checksum:   110844 bb75f25a0c723952e22c16528dac52a5

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   261016 b11576dfd58cb0b8610013fd1f77da5a
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   356334 c4c20e75114576c7d9dfea92ac735c9d
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   299618 ae63dc230ddf8380bb81ac03e84d9f2b
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   861914 142fce29993e744b67faf15c5acacd3a
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   207434 7016c7027a54d8885db3ce2dc9d72bcf
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   205026 1b44e63a82180d29a5ab16a8c7de5a97
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   298232 d4cc2f1a791890214175b650173be0a4
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   179704 eb9f7b47856ab858a7aa7e9540e36ec0
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   183334 86b4707988a2a88b669148b0cc06c5cd
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   209198 ae8ba29733696b125f5099d121d1865d
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   754942 6c4b60bab9d918a7a67f6cc5972e6d78
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:  9935286 0cfd621c48007ab739925b97afe99459
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:  1385690 b5ec7f7b5a873a8bc6522ff58b006b5a
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   301510 84e66c1848cc1884b260efc6429f557e
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   950252 29c6d39aa6989a525debc31d71660cc1
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   434648 fc65b47658b425de6cb92b308e0318e3
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   358550 913c9e37290bc08cb7985d3a5e5360b8
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:  1105980 cc20687246cf71654c2fea70f969945d
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   434536 f555cdc669c207a5f2af9f64c4dbf88e
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   249950 e0e278d3653034caa1ad8114de8ce051
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   191178 9877b23f5a8fe9f632516e6cdab20a40
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   526646 e9e92e600aa1328cf692a412dc29d055
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   193812 47843986f43e46a087562dd1ae3a7c3d
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   488660 c36397e3e28c3ed31eb1c270a5b31ed9
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   231170 7343c839b5db38cda03132a2e2f43fb2
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   180112 d437359c6939bc126aca998a2e0a5670
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:  1197126 04fef360a0c48ea4cbd22b2275967f32
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   224326 e755b93bffaf5fb3d8c61633debcf667
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   214300 ba38e46a2c08f96758435687abc968ff
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   687194 fcc78e69f3a4bf1b53ae2aaaa0f7b1ef
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   164022 6bce2fe8f612b51469353c6a81f31777
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   172374 ed88c7ce6cbe8faa23d640b0c9261973
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   209892 58a5154d31b1b2d1345354b4ea289f3d
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   180542 cd3659e44b98e761976991ec8aec1d2e
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   180452 25765404e04171f9db00acbe1e1938e6
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   576880 78f5eb71aa6d98d757a8aa36609933e2
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   197788 63e02d933765075fda0163cd5f7b2123
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   198936 05e480a70d1637cf60e4b7d769e377b4
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   257746 1178c8bbf47a3da072a01387e26e4f71
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   171692 ae1e7545c18dedb65276509b967c3b6b
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   172282 597d3b175e028585a432a5ea7624f759
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   202484 00900f13039ad238178deca2edada9a6
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   636288 93c9d7742151efee83b417616042de6f
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   349560 79cc1771215735324036f28543edd6ad
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:  1593378 f94fcfc6add222a9bd061ed107d3a982
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   187768 50dcdcc21ba681a47770f76e5bbbd16c
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   182564 eb1e3b990359bf9311fbe1b2bf5fdab9
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   413646 53e01dc86afc8d574656110369553b29
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   171496 c902c4ef1ae92f8249b1208063582796
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   175374 65f2f8042c3ba6d65db970a43bab4569
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   239804 88239fd56881a45d163b45744bfae4b6
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   191184 b0da17e90d1610eca0cb66845558ddbe
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   173304 a9ee19c5bbba5e3c05d7628a09dc759e
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   205894 34a3d56b36366c1622cced5e3d03bfdd
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   183436 94608dfa5b08da618b55044e2ff2aa56
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   276620 cbe760c213039314b7a8bebda37cbc38
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   158780 87774e3c0e9a3351f1df7df951920105
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   158836 63971433e37d9e530322279eca61a28e
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:  1716176 cee79d4795b2c9c83b705ff494a74ea7
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   316906 c5b68def10170acf30c3ead53e5baa14
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   530022 4abc93320924d134665914f0b002ca61
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   182340 49bc884ea1d6989ecc1c5b8924c597d3
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   330914 b78dc9299d93f5c68e13bbba2e5b1171
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:  1310732 5d50f31cf6d71e5ae49ebf694089f12d
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   730954 4b30d4bd8f54ba04bc79474206d24c20
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   368744 1a3fcaa2b38ab320f2cf780ae2fbb756
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:  1203426 77382920ec77dcc0fdc2d2111c367466
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   438364 a8f9aa44229d2c9d67bfd9e6c53edf14
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   158592 c7351256cd10ca93167a8fa2c420d8ce
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   851034 4b4ed34eacdff567696a351769e91dec
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   354328 66b68028c1ea212b0bcffa74ea31e314
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   235068 1d03c6ed8c54744dfab467051f886891
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:  1623514 d2c8a17cc4ea76ce0ea782b5ed2fa6d0
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   337220 f0680427e0457e75dbcaa5824fdcfade
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   521820 058676242c82729a321b28c9258f869a
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:   806406 b67e9bf1e1f71a3e39871efac1ef04ea
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_s390.deb
  Size/MD5 checksum:  1766784 c5d15916eee193f599fa851ee4efaacb
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_s390.deb
  Size/MD5 checksum:   112154 a2dfc1a42c434f2903ec9be068e12e30

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   251120 6a6c6f03b37e811ae195469e72c6e38d
http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   344048 8ba999289d750ba4ee049ed606ce7ebc
http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   285098 013a125bd422e828d5f7b4b7caf2befe
http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   786826 23029fee14ae423f4a01757a7556f40f
http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   206034 e5bfb0235acab95832126c426d4daa22
http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   200282 6d51ad473754375427be266be139cf4d
http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   283484 64378cbd6be7aeb6788f01da7cde5378
http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   176924 90574aacc859e31a6835efde2c649563
http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   180862 a148c29afba10d5e75403dea33ddea9d
http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   204844 6885ec3fcb260cd54c3b10d1a6b80e3e
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   711862 05c681c1d9aa606692192546991dc4c8
http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:  9810500 96f9b7f647481a3a8cb07f3e589614b0
http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:  1365910 cea371314adc8346bc04d55145bf7132
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   279718 c8759a8f7ba115ae15dad96e66ff3d70
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   892056 f15e34ed247caeeade4397859e8c045e
http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   417428 ddd304994c35f2b11434cc57678b6200
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   331668 aa8c142b8af774f3fe2b1a9f9afe5336
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:  1026356 1e8d84afa56fa5a61685ff0b641774e5
http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   417338 7ade24d52608d946c225e5c4be803c3d
http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   247482 2d0dc48c46f5c0aaebedfd207699b801
http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   187792 1d819fcd2fb687bbe116b6727326daac
http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   516558 8c7179f7202d40a5f60dfcddd9cced06
http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   189846 bcc85d36bd7863444a561d6d0d7bc1bf
http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   478100 b381fe292a9fcb3aff5f54a3730c82ab
http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   230528 d0e74daf0645f7a4d9e88988b4110f5a
http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   178522 f797684b630c7b94837dfc064da221aa
http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:  1198574 a3fc69e423818ceb83036878952064af
http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   219068 dac8cd1cd25927ab8ba3adb5b3c13d45
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   208188 e99b887c7a5210693174ea0453c4a095
http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   673178 f8a305fff41a8fd3560ba9620d68a0cf
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   163184 1ef9674f59e1d452b3b375e3f6cc6ba4
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   171726 a42c22e71c8f79ad852b59c8833b5480
http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   208980 ee24eb25da955b1b835f4acad6029188
http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   178962 fd22df9f1110413451eda040cf3d4215
http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   177550 05f9333009b40b16a56a655261c4569e
http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   573766 fc89bff55941f16ba246471874de95bf
http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   194160 e16fe3bc639b204b7121cb63fdb45558
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   195154 bc337cf9957de401de6ba90a6222f94d
http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   241360 9918a8f85df0c41a4d3ada958d916644
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   171148 bc8aad869f6c663b43a0aef73dc8019b
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   171376 0c7a75d8c7993858930cac664d7482a6
http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   200530 e4349aa63bd0681cf66fb531bda10396
http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   627184 f4b4c4b5834940321c5fd95a2279e12d
http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   330450 b93c2dfbebc8a8fcc2713e89ecda986c
http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:  1533278 46825c4c0c5d393de98774b47e719cd0
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   184926 46b30fe844b4c08a24b868d63dd3bd58
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   179508 1eaf0ae4cf87d5ff00b361e9a1cb6f38
http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   410236 3564a0b2686f28cfe597c1cf97405627
http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   170444 ccbcb0f2850701bfc6321c674a8b8ce6
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   174218 e5494fbdb588d2691c253c98d977ce4e
http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   237016 4260166015dd5ecf364af96fca04ecbb
http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   190284 337d228e15acf2a7cf83026ba3b4bd4e
http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   172002 6e0d484b45388a3f9e0265831750fbf4
http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   202836 43787cf76647ccd5cbd7b9197d6b420f
http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   181708 027d176b8b89cf2eecef08b3fa4b90be
http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   268224 12152b5bab3f6cce61aa19f9e05941ef
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   158632 68eda17dfb6d5846a93627748b1ad4cf
http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   158686 ec54e69cd4c1c82c623cc53978b22dd7
http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:  1934896 77a1064998455a2cc1c384ae8fdcce29
http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   307792 b181b2bdc84e8916e60676c8804d5173
http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   498726 08f1f092d52d0f0faea072db99079d0e
http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   180478 909f79a3f4a4302fb52cdb4f625de32c
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   706072 7bf7c05cbffb036433ec24a9f5006a77
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:  5583652 c58b16c2d860523368c0ee4624be4803
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   287114 01850d1ca580b4dfb0608f39306a4b91
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:  1253294 76575b58b1cb40b6c3f060b7c07412c2
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   706766 97f87cc7b482596307e4b95b34c38f2a
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   357804 a38bb604c839d14ec09d2cf74e781e64
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:  1110290 4fc9f2978c422f6771bea6531eaa106f
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   442180 5652768f439246c9e1c5ad68e1335520
http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   158438 8c25fb31872381acd35354f91317c5a4
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   823038 85b8ebe6d2e4d633c6dab56666ce2f78
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   695786 0152e635b45f6c6878038ec796dc7cc4
http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:  4596090 9318bd03402aff608c7cb1993a50fb90
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   863010 5d7a9b2b939bebd52b450235569449ac
http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   387526 0db93eab07feae51dc80ec0f785bfd66
http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   226286 bca8e3ba1abc54e535fc51e791ee23fb
http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:  1494844 492ef231edac7bf67969b425f325e095
http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   336664 e6c981e1ebbba26892ab43b94e195c07
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:  5432244 6fb260dc0ce16280a897fb71143a5c16
http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum: 49725120 2cdd446c60eebcac976c770de31b696f
http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   508648 d2db70e93fa1a20b801869c2146770f9
http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:   920670 62b75897a9f1ef8fa41c4877615ea585
http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge3_sparc.deb
  Size/MD5 checksum:  1626640 263daaa71644ff219841c835ca8c5f2b
http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_sparc.deb
  Size/MD5 checksum:   101352 197681c30bb451093563cb9d9d380fcd

These files will probably be moved into the stable distribution on its next update.


For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGTMcnXm3vHE4uyloRAgwxAJ0ZNbdHNKMDBslDB+PDH+4REkBUIgCgqChe cG20nrUmt0Lbb++Dmcukkyo= =uFfR -----END PGP SIGNATURE-----


Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability

iDefense Security Advisory 04.03.07 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 03, 2007

I. BACKGROUND

The X Window System (or X11) is a graphical windowing system used on Unix-like systems. It is based on a client/server model. More information about about The X Window system is available at the following URL.

http://en.wikipedia.org/wiki/X_Window_System

II. DESCRIPTION

Local exploitation of an integer overflow vulnerability in multiple vendors' implementations of the X Window System server BDF font parsing component could allow execution of arbitrary commands with elevated privileges.

The vulnerability specifically exists in the parsing of BDF fonts.

III.

As the X11 server requires direct access to video hardware, it runs with elevated privileges. A user compromising an X server would gain those permissions.

In order to exploit this vulnerability, an attacker would need to be able to cause the X server to use a maliciously constructed font. The X11 server contains multiple methods for a user to define additional paths to look for fonts. An exploit has been developed using the "-fp" command line option to the X11 server to pass the location of the attack to the server. It is also possible to use "xset" command with the "fp" option to perform an attack on an already running server.

Some distributions allow users to start the X11 server only if they are logged on at the console, while others will allow any user to start it.

Attempts at exploiting this vulnerability may put the console into an unusable state. This will not prevent repeated exploitation attempts.

IV. DETECTION

iDefense has confirmed the existence of this vulnerability in X.Org X11R7.1. Older versions are suspected to be vulnerable. Additionally, it is reported that the freetype library is also vulnerable.

V. WORKAROUND

iDefense is currently unaware of any effective workaround for this issue.

VI. VENDOR RESPONSE

The X.Org Foundation has addressed this vulnerability with source code patches. More information can be found from their advisory at the following URL.

http://lists.freedesktop.org/archives/xorg-announce/2007-april/0286.html

The freetype developers have committed a fix for this issue to their CVS repository. Future releases will contain this fix.

VII. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2007-1351 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org/), which standardizes names for security problems.

VIII. DISCLOSURE TIMELINE

02/21/2007 Initial vendor notification 03/28/2007 Initial vendor response 04/03/2007 Coordinated public disclosure

IX. CREDIT

This vulnerability was discovered by Greg MacManus of iDefense Labs.

Get paid for vulnerability research http://labs.idefense.com/methodology/vulnerability/vcp.php

Free tools, research and upcoming events http://labs.idefense.com/

X. LEGAL NOTICES

Copyright \xa9 2007 iDefense, Inc.

Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDefense. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please e-mail customerservice@idefense.com for permission.

Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200704-0737",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "redhat",
        "version": "5.0"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "redhat",
        "version": "4.0"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "redhat",
        "version": "2.1"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "redhat",
        "version": "3.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ubuntu",
        "version": "6.06_lts"
      },
      {
        "model": "libxfont",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "x",
        "version": "1.2.2"
      },
      {
        "model": "openbsd",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openbsd",
        "version": "3.9"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "rpath",
        "version": "1"
      },
      {
        "model": "enterprise linux desktop",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "4.0"
      },
      {
        "model": "linux advanced workstation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "2.1"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ubuntu",
        "version": "6.10"
      },
      {
        "model": "x11r6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "xfree86",
        "version": "4.3.0.2"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ubuntu",
        "version": "5.10"
      },
      {
        "model": "x11r6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "xfree86",
        "version": "4.3.0.1"
      },
      {
        "model": "enterprise linux desktop",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "3.0"
      },
      {
        "model": "openbsd",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openbsd",
        "version": "4.0"
      },
      {
        "model": "mandrake multi network firewall",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mandrakesoft",
        "version": "2.0"
      },
      {
        "model": "x11r6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "xfree86",
        "version": "4.3.0"
      },
      {
        "model": "linux mandrake x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2007.1"
      },
      {
        "model": "linux mandrake",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2007.1"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "23402"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200704-102"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1351"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:amd64:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:i386:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:sparc:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:powerpc:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:sparc:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:powerpc:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:sparc:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:amd64:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:i386:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:x.org:libxfont:1.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xfree86_project:x11r6:4.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xfree86_project:x11r6:4.3.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xfree86_project:x11r6:4.3.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:rpath:rpath_linux:1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:desktop:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:desktop_workstation:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:openbsd:openbsd:3.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:openbsd:openbsd:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-1351"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Greg MacManus",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200704-102"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2007-1351",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.5,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 6.8,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": true,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.5,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 6.8,
            "id": "VHN-24713",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULMON",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.5,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 6.8,
            "id": "CVE-2007-1351",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 0.1,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2007-1351",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200704-102",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-24713",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2007-1351",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-24713"
      },
      {
        "db": "VULMON",
        "id": "CVE-2007-1351"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200704-102"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1351"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow. FreeType is prone to a local integer-overflow vulnerability because it fails to adequately bounds-check user-supplied input. \nAn attacker can exploit this vulnerability to execute arbitrary code with superuser privileges. Failed exploit attempts will likely cause denial-of-service conditions. \nThis BID has been retired because it is a duplicate of BID 23283. X.Org is an official reference implementation of the X Window System operated by the X.Org Foundation. It is an open source free software. If the specially-made font information specifies more than 1,073,741,824 (2 to the 30th power) unit number in the first line, it may trigger a heap overflow. \n\n\nDebian 4.0 (stable)\n- -------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 200705-10\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n  Severity: High\n     Title: LibXfont, TightVNC: Multiple vulnerabilities\n      Date: May 08, 2007\n      Bugs: #172575, #174200\n        ID: 200705-10\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been reported in libXfont and TightVNC,\nallowing for the execution of arbitrary code with root privileges. \n\nBackground\n==========\n\nLibXfont is the X.Org font library. TightVNC is a VNC client/server for\nX displays. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package            /  Vulnerable  /                    Unaffected\n    -------------------------------------------------------------------\n  1  net-misc/tightvnc     \u003c 1.2.9-r4                      \u003e= 1.2.9-r4\n  2  x11-libs/libXfont     \u003c 1.2.7-r1                      \u003e= 1.2.7-r1\n    -------------------------------------------------------------------\n     2 affected packages on all of their supported architectures. \n    -------------------------------------------------------------------\n\nDescription\n===========\n\nThe libXfont code is prone to several integer overflows, in functions\nProcXCMiscGetXIDList(), bdfReadCharacters() and FontFileInitTable(). \nTightVNC contains a local copy of this code and is also affected. \n\nImpact\n======\n\nA local attacker could use a specially crafted BDF Font to gain root\nprivileges on the vulnerable host. \n\nResolution\n==========\n\nAll libXfont users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask --oneshot --verbose \"\u003e=x11-libs/libXfont-1.2.7-r1\"\n\nAll TightVNC users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask --oneshot --verbose \"\u003e=net-misc/tightvnc-1.2.9-r4\"\n\nReferences\n==========\n\n  [ 1 ] CVE-2007-1003\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1003\n  [ 2 ] CVE-2007-1351\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351\n  [ 3 ] CVE-2007-1352\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1352\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n  http://security.gentoo.org/glsa/glsa-200705-10.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2007 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. =========================================================== \nUbuntu Security Notice USN-448-1             April 03, 2007\nfreetype, libxfont, xorg, xorg-server vulnerabilities\nCVE-2007-1003, CVE-2007-1351, CVE-2007-1352\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 5.10\nUbuntu 6.06 LTS\nUbuntu 6.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 5.10:\n  libfreetype6                             2.1.7-2.4ubuntu1.3\n  libxfont1                                1:0.99.0+cvs.20050909-1.3\n  xserver-xorg-core                        6.8.2-77.3\n\nUbuntu 6.06 LTS:\n  libfreetype6                             2.1.10-1ubuntu2.3\n  libxfont1                                1:1.0.0-0ubuntu3.3\n  xserver-xorg-core                        1:1.0.2-0ubuntu10.6\n\nUbuntu 6.10:\n  libfreetype6                             2.2.1-5ubuntu0.1\n  libxfont1                                1:1.2.0-0ubuntu3.1\n  xserver-xorg-core                        1:1.1.1-0ubuntu12.2\n\nAfter a standard system upgrade you need to reboot your computer to\neffect the necessary changes. \n\nDetails follow:\n\nSean Larsson of iDefense Labs discovered that the MISC-XC extension of \nXorg did not correctly verify the size of allocated memory. (CVE-2007-1003)\n\nGreg MacManus of iDefense Labs discovered that the BDF font handling \ncode in Xorg and FreeType did not correctly verify the size of allocated \nmemory. \n(CVE-2007-1351, CVE-2007-1352)\n\n\nUpdated packages for Ubuntu 5.10:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7-2.4ubuntu1.3.diff.gz\n      Size/MD5:    57463 b8f6fa3ee48672ceca86bf9625536545\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7-2.4ubuntu1.3.dsc\n      Size/MD5:      695 b4b76f4eb02a68844666cecef2655e87\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7.orig.tar.gz\n      Size/MD5:  1245623 991ff86e88b075ba363e876f4ea58680\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_0.99.0+cvs.20050909-1.3.diff.gz\n      Size/MD5:     7087 fa6f3d6472398c4afe51232508d5bd25\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_0.99.0+cvs.20050909-1.3.dsc\n      Size/MD5:      771 220ed305b077585687ccec6564955b03\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_0.99.0+cvs.20050909.orig.tar.gz\n      Size/MD5:   788911 32b390bd94e4250475702e668b2bf243\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xorg_6.8.2-77.3.diff.gz\n      Size/MD5:  2491611 eaa8cba7cdd69c746d88c0c28fe51c5c\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xorg_6.8.2-77.3.dsc\n      Size/MD5:     3728 9ae8a29c6619763c73ac3c7554615886\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xorg_6.8.2.orig.tar.gz\n      Size/MD5: 49471925 34cba217afe2c547e3a72657a3a27e37\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xbase-clients_6.8.2-77.3_all.deb\n      Size/MD5:    65788 12bad26276ea4cb67cd2ef6959e8dc59\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-data_6.8.2-77.3_all.deb\n      Size/MD5:    72432 2c968bd2d7fcc1f5f7ebbc07193f58a5\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-dev_6.8.2-77.3_all.deb\n      Size/MD5:    65560 073f34a0d879c566823c70a701e40aeb\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs_6.8.2-77.3_all.deb\n      Size/MD5:    92072 af61cbb4688ff1affeed10a82a8660dc\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xorg-common_6.8.2-77.3_all.deb\n      Size/MD5:   715620 e4f2e86619a5f21ed660eca3f03897e3\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xutils_6.8.2-77.3_all.deb\n      Size/MD5:    65536 e1edff49971cdb0872f71941f37950b3\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.3_amd64.deb\n      Size/MD5:    75540 9be3f1b17f6ca112f2907b69d1e87ffa\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.3_amd64.deb\n      Size/MD5:   722918 748a13b1cfbdf910d89f435a822d0546\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.3_amd64.udeb\n      Size/MD5:   241784 bc3519b183a983495121373cd78c9456\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.3_amd64.deb\n      Size/MD5:   392948 d6f2e48fe489ca394fad153c07400d14\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_0.99.0+cvs.20050909-1.3_amd64.deb\n      Size/MD5:   297970 157c10e1e0db8aced07b462777318da5\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_0.99.0+cvs.20050909-1.3_amd64.deb\n      Size/MD5:   377708 bfc5fba5bc6305a66dc0836712e7a91b\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_0.99.0+cvs.20050909-1.3_amd64.deb\n      Size/MD5:   243588 f275099ce971aa990f3d28e0d7aea5f3\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-core_6.8.2-77.3_amd64.deb\n      Size/MD5:    65746 e85a37b8b5ca3e0150961324914dd38a\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-dev_6.8.2-77.3_amd64.deb\n      Size/MD5:    65774 dd5d197fe97c558ec418dde967a914a1\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdmx_6.8.2-77.3_amd64.deb\n      Size/MD5:  1029630 40e93609ec560b44558b86cc717d2991\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-dev_6.8.2-77.3_amd64.deb\n      Size/MD5:   117402 35860dfb00719c6fffddb2b4a5747abd\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-pic_6.8.2-77.3_amd64.deb\n      Size/MD5:   113704 24f40fbf5593dd653e72f6c2797516c0\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xnest_6.8.2-77.3_amd64.deb\n      Size/MD5:  1526642 e357f9979668602743c2596992abee80\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-common_6.8.2-77.3_amd64.deb\n      Size/MD5:   123324 d10670b3b2a2ae50b816062e004d1b7f\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-core_6.8.2-77.3_amd64.deb\n      Size/MD5:  3993068 d361ba44f7464198b2d990dd2f939ff3\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-dbg_6.8.2-77.3_amd64.deb\n      Size/MD5:  4773852 f644788b79b0d0a6deb0bb3e27743416\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-apm_6.8.2-77.3_amd64.deb\n      Size/MD5:   126370 521f72819330e496e89a253021cf5215\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ark_6.8.2-77.3_amd64.deb\n      Size/MD5:    73882 3ebb4a5f56625e7b78d9e536072bc763\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ati_6.8.2-77.3_amd64.deb\n      Size/MD5:   324240 e01da75bc223cdd1b8699b19291334d6\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-chips_6.8.2-77.3_amd64.deb\n      Size/MD5:   152244 43f0e543b835068278f56c60690769bf\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cirrus_6.8.2-77.3_amd64.deb\n      Size/MD5:   101702 9ebbefa73e1c3194b6c04269fdb292d8\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cyrix_6.8.2-77.3_amd64.deb\n      Size/MD5:    81032 5d524764bb1c2bd8b918ed563b68886e\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-dummy_6.8.2-77.3_amd64.deb\n      Size/MD5:    70664 2db770e3cc6802174762f55c99ffd1b4\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-fbdev_6.8.2-77.3_amd64.deb\n      Size/MD5:    74290 49d5ffa068a163464a569a4c8cd662f1\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glint_6.8.2-77.3_amd64.deb\n      Size/MD5:   160244 e59c1b781ec041ac3df2486743ba07cc\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i128_6.8.2-77.3_amd64.deb\n      Size/MD5:    89792 4b5528d20347eb721df443aa14be6084\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i810_6.8.2-77.3_amd64.deb\n      Size/MD5:   168474 a98c9ebf3b71b96066ee96c461e51de1\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-mga_6.8.2-77.3_amd64.deb\n      Size/MD5:   154206 f146cd927b79c7f43fc4afe904fd7028\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-neomagic_6.8.2-77.3_amd64.deb\n      Size/MD5:    99620 45382b9464fc7c21021ca81f7601977a\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nv_6.8.2-77.3_amd64.deb\n      Size/MD5:   131230 d73416650296039e0d59d2a2b75f2d8e\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-rendition_6.8.2-77.3_amd64.deb\n      Size/MD5:    90240 5af0c68193b4349fbcd239ec482ed2ab\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3_6.8.2-77.3_amd64.deb\n      Size/MD5:    91726 cb82c871f03ffb6e968bea210a6af75d\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3virge_6.8.2-77.3_amd64.deb\n      Size/MD5:   104188 eb7e8e83da3cf9b4e7c65ed24b92a2e0\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-savage_6.8.2-77.3_amd64.deb\n      Size/MD5:   107776 31c8cc09a6a9241c91d2c03975287842\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-siliconmotion_6.8.2-77.3_amd64.deb\n      Size/MD5:   105300 e06379b5530410c398c23d24e4a2682d\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sis_6.8.2-77.3_amd64.deb\n      Size/MD5:   340896 0114deb2e7cea78860e08ada6fc9d3d9\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tdfx_6.8.2-77.3_amd64.deb\n      Size/MD5:    99038 bd5c774e186120d851799de0d060ef3f\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tga_6.8.2-77.3_amd64.deb\n      Size/MD5:    88846 e611135fac9da5e514defd35fadd8025\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-trident_6.8.2-77.3_amd64.deb\n      Size/MD5:   132244 aab798cb57d644b327fe6a7bb5c51637\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tseng_6.8.2-77.3_amd64.deb\n      Size/MD5:    96404 3ee874ea69eefd45491d6ca56830f307\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-v4l_6.8.2-77.3_amd64.deb\n      Size/MD5:    73392 6d5439acff5d2098ca6741cfb8ef6a00\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vesa_6.8.2-77.3_amd64.deb\n      Size/MD5:    77434 6e8e03907c375a01588e05d5e1b18b23\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vga_6.8.2-77.3_amd64.deb\n      Size/MD5:    75352 b12939451111e63dd0917362e42ec4cf\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-acecad_6.8.2-77.3_amd64.deb\n      Size/MD5:    70676 730768c822fa4c806bab0459866971aa\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-aiptek_6.8.2-77.3_amd64.deb\n      Size/MD5:    80550 184a471135082d501936061092fb607f\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-calcomp_6.8.2-77.3_amd64.deb\n      Size/MD5:    70248 656d22076f2b45ded25f4d2f08d8801a\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-citron_6.8.2-77.3_amd64.deb\n      Size/MD5:    90044 676d14ebebf88b4e12114b08b169003c\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-digitaledge_6.8.2-77.3_amd64.deb\n      Size/MD5:    71032 fd5b286d4122018630fe6afec181edb6\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dmc_6.8.2-77.3_amd64.deb\n      Size/MD5:    70166 f1c622c52ee792548953adce5f372a2d\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dynapro_6.8.2-77.3_amd64.deb\n      Size/MD5:    69772 099498b9bb81379b15f5c24741a2befc\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-elographics_6.8.2-77.3_amd64.deb\n      Size/MD5:    73234 3410e093a87090fcf4ca0134c7f00ab3\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-fpit_6.8.2-77.3_amd64.deb\n      Size/MD5:    70778 b37384a5c58b046fef89f487ff49f5a0\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-hyperpen_6.8.2-77.3_amd64.deb\n      Size/MD5:    72940 b873ef7a14637241aacfbce9951b60da\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-kbd_6.8.2-77.3_amd64.deb\n      Size/MD5:    74632 79a5026db158fb123ff54af1e35d501d\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-magellan_6.8.2-77.3_amd64.deb\n      Size/MD5:    69366 8f0c8b39e5f88d657a8c038aae1305eb\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-microtouch_6.8.2-77.3_amd64.deb\n      Size/MD5:    72022 0dd20d44c7f77c47c3dd3f7a3353b894\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mouse_6.8.2-77.3_amd64.deb\n      Size/MD5:    98390 2c172d033b5252846ceeee40990d0a16\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mutouch_6.8.2-77.3_amd64.deb\n      Size/MD5:    73580 3d3b88bf32deff96a074b58a30a0cbee\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-palmax_6.8.2-77.3_amd64.deb\n      Size/MD5:    71608 db4f436ea8ad1ecf12698014afca127f\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-penmount_6.8.2-77.3_amd64.deb\n      Size/MD5:    70346 ca124fdfda754fcd9a91adb46d62a84e\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-spaceorb_6.8.2-77.3_amd64.deb\n      Size/MD5:    69124 ac4fa56df52b175d81769cc20caf3777\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-summa_6.8.2-77.3_amd64.deb\n      Size/MD5:    72888 c1279a890e388b9cdb7e8e79c6e6cafb\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-tek4957_6.8.2-77.3_amd64.deb\n      Size/MD5:    70860 c17d207b3d04bd35ad5afa7ba56597e7\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-void_6.8.2-77.3_amd64.deb\n      Size/MD5:    67680 77d2e92de46a38a197f62355e45a84ee\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-wacom_6.8.2-77.3_amd64.deb\n      Size/MD5:   101040 b66ac048fc5858c86e9dc079c79f8b38\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg_6.8.2-77.3_amd64.deb\n      Size/MD5:   274146 40e3014ce80f6be8852fa043105bab70\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xvfb_6.8.2-77.3_amd64.deb\n      Size/MD5:  1640494 bf0c8235665a11c099cd227ad2b3a60b\n\n  i386 architecture (x86 compatible Intel/AMD)\n\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.3_i386.deb\n      Size/MD5:    52860 8f9822785a4d4feeb120b7ef6d874709\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.3_i386.deb\n      Size/MD5:   686404 46b3001cdee7cd73141461033f8f4482\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.3_i386.udeb\n      Size/MD5:   209260 17f5df161bde9954b46051ef2e989159\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.3_i386.deb\n      Size/MD5:   361112 e8d31f9d89c442a5834144b374b49a54\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_0.99.0+cvs.20050909-1.3_i386.deb\n      Size/MD5:   275968 4d5e4d8c032a149c09033a3f4d078faa\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_0.99.0+cvs.20050909-1.3_i386.deb\n      Size/MD5:   321688 f7e708a09b31924830357d10ad2fec40\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_0.99.0+cvs.20050909-1.3_i386.deb\n      Size/MD5:   217758 a18b74fa709fa38ba055e8e4b820a09c\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-core_6.8.2-77.3_i386.deb\n      Size/MD5:    65750 86dfe78dfa09f1d7a52d646fb10401cf\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-dev_6.8.2-77.3_i386.deb\n      Size/MD5:    65778 5dbe48fb74851b2c6e85cd143560884a\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdmx_6.8.2-77.3_i386.deb\n      Size/MD5:   880068 69e876557cbb97c0b51a2574f2ab4a2a\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-dev_6.8.2-77.3_i386.deb\n      Size/MD5:   111442 5fb72b1e75b0a6e8a528940045233288\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-pic_6.8.2-77.3_i386.deb\n      Size/MD5:   107366 88bf57b6009f6e5e1b74543933d90952\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xnest_6.8.2-77.3_i386.deb\n      Size/MD5:  1282444 a1616fca7bbd45734eeac5dbadd4ddca\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-common_6.8.2-77.3_i386.deb\n      Size/MD5:   122984 46402235fcb4c943f421d0081767c228\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-core_6.8.2-77.3_i386.deb\n      Size/MD5:  3393114 cf2287d566a90325bdf5d37d0d772c9f\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-dbg_6.8.2-77.3_i386.deb\n      Size/MD5: 21046384 e74d9ad7ebea1118a0991b54de50b21b\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-apm_6.8.2-77.3_i386.deb\n      Size/MD5:   122974 a2d63f1a30e2e8778d3737d334224e44\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ark_6.8.2-77.3_i386.deb\n      Size/MD5:    72406 c79fce80a122bcb69cb8aa2840027183\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ati_6.8.2-77.3_i386.deb\n      Size/MD5:   300354 be69393fd4c49073fc291d4382682af6\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-chips_6.8.2-77.3_i386.deb\n      Size/MD5:   147054 13477206d327d76ed6cc6760081b6a0d\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cirrus_6.8.2-77.3_i386.deb\n      Size/MD5:    94812 6dbbfc2081ce19bd705e65a76c370b18\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cyrix_6.8.2-77.3_i386.deb\n      Size/MD5:    79216 96e108be36d7e96d1d7c61c55d2eada5\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-dummy_6.8.2-77.3_i386.deb\n      Size/MD5:    69808 919b659eacec53b4612e0fac956adca7\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-fbdev_6.8.2-77.3_i386.deb\n      Size/MD5:    73250 78bb84280077b3aba53beded9161a244\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glide_6.8.2-77.3_i386.deb\n      Size/MD5:    74914 040afc6608d22fee2eae20ba8b0e840b\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glint_6.8.2-77.3_i386.deb\n      Size/MD5:   159892 2780f991c85e2be15dda1635f8c98b11\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i128_6.8.2-77.3_i386.deb\n      Size/MD5:    87476 f4505c09091c8d4e49b3bbb345340e2e\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i740_6.8.2-77.3_i386.deb\n      Size/MD5:    86544 d08ed7ba7921a6341be43b1b597c7c01\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i810_6.8.2-77.3_i386.deb\n      Size/MD5:   158570 b6a1db2cde816a16be29d2aeb627ebee\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-imstt_6.8.2-77.3_i386.deb\n      Size/MD5:    73262 07d1fa25882621bad5be61b318fd3a66\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-mga_6.8.2-77.3_i386.deb\n      Size/MD5:   143748 8868549c96ba8150954a69cbf3730801\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-neomagic_6.8.2-77.3_i386.deb\n      Size/MD5:    95818 b3b86c3fdce299e35aba1f8189fe5005\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-newport_6.8.2-77.3_i386.deb\n      Size/MD5:    74236 e55cf778b3b0f1d43604722bdd8689b2\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nsc_6.8.2-77.3_i386.deb\n      Size/MD5:   160514 2ececee8091f44f6dd61de03d9ddf77e\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nv_6.8.2-77.3_i386.deb\n      Size/MD5:   123050 8e43b21c9dce1af5e5b88f24b8239952\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-rendition_6.8.2-77.3_i386.deb\n      Size/MD5:    87578 52ec26ae5b375ef892d6a86f180577db\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3_6.8.2-77.3_i386.deb\n      Size/MD5:    88736 1538d94d86c0603bde8c1f8504121c8f\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3virge_6.8.2-77.3_i386.deb\n      Size/MD5:   100086 c31e59302ae59a2b4eeb015050922b41\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-savage_6.8.2-77.3_i386.deb\n      Size/MD5:   102452 f1eec9b8382457b89406d69b526ad11e\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-siliconmotion_6.8.2-77.3_i386.deb\n      Size/MD5:   102018 fe04cd8d4a6e461491add407142d3ff8\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sis_6.8.2-77.3_i386.deb\n      Size/MD5:   320680 c7a5363feaea7213a73835fb53a023dd\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tdfx_6.8.2-77.3_i386.deb\n      Size/MD5:    94190 4b8e7c65cc416de4a6d4691250776493\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tga_6.8.2-77.3_i386.deb\n      Size/MD5:    86104 94013a70b7734e0f4205e723093f71a0\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-trident_6.8.2-77.3_i386.deb\n      Size/MD5:   125852 2352b91c3e6f9de7f5e5d63efdb22c82\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tseng_6.8.2-77.3_i386.deb\n      Size/MD5:    93760 809003f68c722bd4cfae1a197fc5f652\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-v4l_6.8.2-77.3_i386.deb\n      Size/MD5:    72098 5651248f206d8b9987370ebbd24531ab\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vesa_6.8.2-77.3_i386.deb\n      Size/MD5:    75834 e41fa0b5de64e33a4c38c15f947cbb37\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vga_6.8.2-77.3_i386.deb\n      Size/MD5:    74320 9f80f3d04c9ffd9f5a505847a7fbbc4e\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-via_6.8.2-77.3_i386.deb\n      Size/MD5:   138682 7e1c4877500e1dca3a735dd2f33d3193\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vmware_6.8.2-77.3_i386.deb\n      Size/MD5:    81378 ea3a2925ac33d30af17a184c1160ab34\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-acecad_6.8.2-77.3_i386.deb\n      Size/MD5:    70188 dbba5b087d2dd682d7df359c6ecf7aaa\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-aiptek_6.8.2-77.3_i386.deb\n      Size/MD5:    79394 52f292de69593f4126072df958002b5d\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-calcomp_6.8.2-77.3_i386.deb\n      Size/MD5:    69716 edd13af3e98d5f70248479424f7597c2\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-citron_6.8.2-77.3_i386.deb\n      Size/MD5:    87794 c6c08212db44d8cf26e0884a04c2d9b9\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-digitaledge_6.8.2-77.3_i386.deb\n      Size/MD5:    70516 a91e7e0beab053a8ff753050c2f15b35\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dmc_6.8.2-77.3_i386.deb\n      Size/MD5:    69564 618499e29d79c7bc8f11ffa925c09b75\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dynapro_6.8.2-77.3_i386.deb\n      Size/MD5:    69266 f457352b4675b27b7d40337cbe0a2695\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-elographics_6.8.2-77.3_i386.deb\n      Size/MD5:    71954 153e6af112f360033a37aeb4670c14cc\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-fpit_6.8.2-77.3_i386.deb\n      Size/MD5:    70338 c01097e2eb0a2a3abc95a3dfa0247327\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-hyperpen_6.8.2-77.3_i386.deb\n      Size/MD5:    71888 2f84d4568562561ef3498c9791ccab7f\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-kbd_6.8.2-77.3_i386.deb\n      Size/MD5:    73402 7e0ab015ba49f103afb96c7211ce5755\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-magellan_6.8.2-77.3_i386.deb\n      Size/MD5:    68822 4f17e665de66a9940ff3c6722fb08198\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-microtouch_6.8.2-77.3_i386.deb\n      Size/MD5:    71282 ac55322bb00e6c33b1f764e47a2896e2\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mouse_6.8.2-77.3_i386.deb\n      Size/MD5:    96556 c3fce835be42eb0c31d03056fac32376\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mutouch_6.8.2-77.3_i386.deb\n      Size/MD5:    72546 05232e76ad9b9dc93d3db86c423d1b7c\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-palmax_6.8.2-77.3_i386.deb\n      Size/MD5:    71022 4fd42ec380a437249a026bedc2e44cfe\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-penmount_6.8.2-77.3_i386.deb\n      Size/MD5:    69748 7f95915c766d8f5486b6ee4af5f824ca\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-spaceorb_6.8.2-77.3_i386.deb\n      Size/MD5:    68636 6e64a58144fd2364f5a27cacadc668a4\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-summa_6.8.2-77.3_i386.deb\n      Size/MD5:    71956 f9a757c36bec95a75413995401d7fec8\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-tek4957_6.8.2-77.3_i386.deb\n      Size/MD5:    70302 2ec147acfc14c068896185d2dd01887a\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-void_6.8.2-77.3_i386.deb\n      Size/MD5:    67446 ca456ab89714cb807ab26dfa676578b2\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-wacom_6.8.2-77.3_i386.deb\n      Size/MD5:    96986 2799f489d096d23cc91037d7705f7abd\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg_6.8.2-77.3_i386.deb\n      Size/MD5:   274176 ea1d2fc5b60b7754d47ada4cbbe7a612\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xvfb_6.8.2-77.3_i386.deb\n      Size/MD5:  1383664 7fca88ca86e1d9545c0a5a7ed877f2cf\n\n  powerpc architecture (Apple Macintosh G3/G4/G5)\n\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.3_powerpc.deb\n      Size/MD5:    80654 12c06589e94a6d6da139a27d5bd48b4c\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.3_powerpc.deb\n      Size/MD5:   729308 9c85d5592d0f162884bc52bc82e09457\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.3_powerpc.udeb\n      Size/MD5:   230642 65a12121f60f8096bea04955e30ae42a\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.3_powerpc.deb\n      Size/MD5:   382478 7b1ac5f12fdba3482ad3251c3c24bef3\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_0.99.0+cvs.20050909-1.3_powerpc.deb\n      Size/MD5:   286022 d37d7708a0341cd63c1390fb0ff387a9\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_0.99.0+cvs.20050909-1.3_powerpc.deb\n      Size/MD5:   373114 ed63b7e61d8a65f90cd8c3599d0c96a6\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_0.99.0+cvs.20050909-1.3_powerpc.deb\n      Size/MD5:   237726 289174b8732579cc6b38f50f6398525e\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-core_6.8.2-77.3_powerpc.deb\n      Size/MD5:    65746 c5de437f4027dec1acb8640bf14c4ccf\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-dev_6.8.2-77.3_powerpc.deb\n      Size/MD5:    65774 9d5e6b227f9799035e83f10ffa1f4cbe\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdmx_6.8.2-77.3_powerpc.deb\n      Size/MD5:  1006498 218159bdb9b8b250ef184881db5364e6\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-dev_6.8.2-77.3_powerpc.deb\n      Size/MD5:   114636 384d4379cf21cc360da3f74252dc6e48\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-pic_6.8.2-77.3_powerpc.deb\n      Size/MD5:   110580 054183b9a9c8a86fefac3017592eeb3f\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xnest_6.8.2-77.3_powerpc.deb\n      Size/MD5:  1477044 d49494dfeb3fbb06cc60ac2397b104b4\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-common_6.8.2-77.3_powerpc.deb\n      Size/MD5:   123370 5084044b08a994ade1e05ca769fbfeab\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-core_6.8.2-77.3_powerpc.deb\n      Size/MD5:  4153716 d136a45467ed83aa7c9be079d38bbea1\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-dbg_6.8.2-77.3_powerpc.deb\n      Size/MD5: 17841844 cc6a10b4f49e0a3dc197f4b4a25be310\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ati_6.8.2-77.3_powerpc.deb\n      Size/MD5:   316180 8da85e525823bd09bc3648d5f642baad\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-chips_6.8.2-77.3_powerpc.deb\n      Size/MD5:   158800 f6957aec1dfb811624d4223b3b8792c3\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-fbdev_6.8.2-77.3_powerpc.deb\n      Size/MD5:    74910 886ebb1cc261a13774fb37442f67b04b\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glint_6.8.2-77.3_powerpc.deb\n      Size/MD5:   177164 4df697145e0bc9e405269f370c098ad3\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-imstt_6.8.2-77.3_powerpc.deb\n      Size/MD5:    74766 af48765f0b61b699ef013e7fb91d0563\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-mga_6.8.2-77.3_powerpc.deb\n      Size/MD5:   154718 49e8c9067f4196f735100fdb88abf241\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nv_6.8.2-77.3_powerpc.deb\n      Size/MD5:   133938 1f37af997b732cce638c2f442ac32c27\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3_6.8.2-77.3_powerpc.deb\n      Size/MD5:    98722 fd531207bb51ee7557839113134c03de\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3virge_6.8.2-77.3_powerpc.deb\n      Size/MD5:   107536 eb327385a5f0410f9a1180d7c6808903\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-savage_6.8.2-77.3_powerpc.deb\n      Size/MD5:   110162 a70cd8531c61382bcc07b92a34202bed\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sis_6.8.2-77.3_powerpc.deb\n      Size/MD5:   368234 fde514af99dfabf48ab685c95a95249b\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tdfx_6.8.2-77.3_powerpc.deb\n      Size/MD5:   100614 d6dabc2023c08f6379f0fb98d3c076b3\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-trident_6.8.2-77.3_powerpc.deb\n      Size/MD5:   142422 42f616549b5dac01f66403b64d5c5e5c\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-v4l_6.8.2-77.3_powerpc.deb\n      Size/MD5:    74212 d6d45dde725417a9a4b014c65a41cb12\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vga_6.8.2-77.3_powerpc.deb\n      Size/MD5:    76358 450f581f1d862d20f67f0054ea46cc66\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-acecad_6.8.2-77.3_powerpc.deb\n      Size/MD5:    70846 9b2d0fa88f4fa0edacffdef2ee62901a\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-aiptek_6.8.2-77.3_powerpc.deb\n      Size/MD5:    82626 b4af3fee8db47771e9325f634119c6b4\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-calcomp_6.8.2-77.3_powerpc.deb\n      Size/MD5:    70766 2f945c77af13fed6788bdabc71c312ce\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-citron_6.8.2-77.3_powerpc.deb\n      Size/MD5:    93244 e8dee7a2b70acb94d51c7cd1c1e97b9c\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-digitaledge_6.8.2-77.3_powerpc.deb\n      Size/MD5:    71734 e73893cfe3b9d5b693569c2382905cf1\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dmc_6.8.2-77.3_powerpc.deb\n      Size/MD5:    70374 7082960291a9bb88d003eeeb4285358b\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dynapro_6.8.2-77.3_powerpc.deb\n      Size/MD5:    69938 d7113c27bbd386c14ff9a2b712c51342\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-elographics_6.8.2-77.3_powerpc.deb\n      Size/MD5:    74028 4bd41187c68fa51fb0adced0ccaad0ac\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-fpit_6.8.2-77.3_powerpc.deb\n      Size/MD5:    70956 a0f37dfd435cba240a1d3a35f27841aa\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-hyperpen_6.8.2-77.3_powerpc.deb\n      Size/MD5:    74336 41cacbfcdc99b42b0264d82a7578a8ec\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-kbd_6.8.2-77.3_powerpc.deb\n      Size/MD5:    74960 52611ed1fc10530d4ab44fd16577bce1\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-magellan_6.8.2-77.3_powerpc.deb\n      Size/MD5:    69550 22c49ab9f187bdca55a0fbb83857ce25\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-microtouch_6.8.2-77.3_powerpc.deb\n      Size/MD5:    72498 44c3195bdcf64c2c5cf8504f6089e619\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mouse_6.8.2-77.3_powerpc.deb\n      Size/MD5:    99586 ac9781c897e4dc052af9c9c80a4853db\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mutouch_6.8.2-77.3_powerpc.deb\n      Size/MD5:    74312 6d10ae854f4e4a3c5f137950e307db5f\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-palmax_6.8.2-77.3_powerpc.deb\n      Size/MD5:    71850 80b3b7bd7b567be9d5dd896e8613ec16\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-penmount_6.8.2-77.3_powerpc.deb\n      Size/MD5:    70548 37d1b7c034b9f792608d3e6dd2a867d1\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-spaceorb_6.8.2-77.3_powerpc.deb\n      Size/MD5:    69216 7ee83181573ac45a56f2a4fb044a5e6f\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-summa_6.8.2-77.3_powerpc.deb\n      Size/MD5:    74222 a0f33d1df407af5b5a6c51a5882a9e60\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-tek4957_6.8.2-77.3_powerpc.deb\n      Size/MD5:    71126 9140e6af3e6ad35bd68a5f5968399b0b\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-void_6.8.2-77.3_powerpc.deb\n      Size/MD5:    67622 d3f49e28e34a285865f8870b3eeb8aae\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-wacom_6.8.2-77.3_powerpc.deb\n      Size/MD5:   106738 88fbfbd6e6ad9f5336552ec2e50ec9a1\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg_6.8.2-77.3_powerpc.deb\n      Size/MD5:   274024 93076262a05833b4807e98699103d946\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xvfb_6.8.2-77.3_powerpc.deb\n      Size/MD5:  1590104 e71d49333a98a285fe438d08e48ca2e9\n\n  sparc architecture (Sun SPARC/UltraSPARC)\n\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.3_sparc.deb\n      Size/MD5:    68646 bd18602999ade0786089cf0c117a8340\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.3_sparc.deb\n      Size/MD5:   699952 0697ae616e5f96afe661a7a121eaf8ee\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.3_sparc.udeb\n      Size/MD5:   216454 7d29da7d817ac7ff1c6d7914630493ad\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.3_sparc.deb\n      Size/MD5:   367276 9024cd052d0210a8bacdaff20589b06c\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_0.99.0+cvs.20050909-1.3_sparc.deb\n      Size/MD5:   294964 b666356962ef9506da0b76efd05c9908\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_0.99.0+cvs.20050909-1.3_sparc.deb\n      Size/MD5:   324238 7dfef6defc80be665990fcbdd0e08e2e\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_0.99.0+cvs.20050909-1.3_sparc.deb\n      Size/MD5:   232476 dd914e38e4765a07e0980dd6ad5907b8\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-core_6.8.2-77.3_sparc.deb\n      Size/MD5:    65744 69da99ffdd8daf0a439b098b2e284b32\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-dev_6.8.2-77.3_sparc.deb\n      Size/MD5:    65772 de0733e94929d4379e05d3c88a13a285\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdmx_6.8.2-77.3_sparc.deb\n      Size/MD5:   920880 2d70ca5f3de16d1192b1c05d99e21d93\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-dev_6.8.2-77.3_sparc.deb\n      Size/MD5:   112780 bf763538fea32c5f73f85ab86438014b\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-pic_6.8.2-77.3_sparc.deb\n      Size/MD5:   108622 99531cb07cdffc17daf11727bc7e11bf\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xnest_6.8.2-77.3_sparc.deb\n      Size/MD5:  1357838 e4491783b6a9e3d45d19a1ffa086bc81\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-common_6.8.2-77.3_sparc.deb\n      Size/MD5:   123326 32c21b631ab344dd58d27bf7a62c605b\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-core_6.8.2-77.3_sparc.deb\n      Size/MD5:  3746340 8e6087848c828cfc5d72cde99b21242b\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-dbg_6.8.2-77.3_sparc.deb\n      Size/MD5: 19778476 767707fd2df5e224381a33fa872cf19a\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-apm_6.8.2-77.3_sparc.deb\n      Size/MD5:   124424 081cfba509d6784ba22518521c18aa79\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ark_6.8.2-77.3_sparc.deb\n      Size/MD5:    73344 ca0e2f22257a9911dbbe7c9c0f479d57\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ati_6.8.2-77.3_sparc.deb\n      Size/MD5:   302440 861d677e1de334391174481377f437cf\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-chips_6.8.2-77.3_sparc.deb\n      Size/MD5:   152068 643d54a96746678c36f17c3ffd3ab91c\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cirrus_6.8.2-77.3_sparc.deb\n      Size/MD5:    99108 b1a219d38a08ec0a3ca4cecba79a2784\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-dummy_6.8.2-77.3_sparc.deb\n      Size/MD5:    70306 2b541fd5e4f10f05266800b2f977f120\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-fbdev_6.8.2-77.3_sparc.deb\n      Size/MD5:    74052 448582ffd40305e797cf2815c6f9c1a0\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glint_6.8.2-77.3_sparc.deb\n      Size/MD5:   174824 44a2ace41f17b1f0da1c3ff7199de0f0\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i128_6.8.2-77.3_sparc.deb\n      Size/MD5:    90378 e8c95b12f1882e1f9294cb9821dff299\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i740_6.8.2-77.3_sparc.deb\n      Size/MD5:    88784 7069730f8ea7530b607c0ecdedabe693\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-imstt_6.8.2-77.3_sparc.deb\n      Size/MD5:    74196 a67897463a21167d281a29fab9414ecf\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-mga_6.8.2-77.3_sparc.deb\n      Size/MD5:   151636 442a736cb4530a699e4ea844e01763a0\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-neomagic_6.8.2-77.3_sparc.deb\n      Size/MD5:    98780 9b374f040468ddfa4c8559c63e4598e1\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-newport_6.8.2-77.3_sparc.deb\n      Size/MD5:    75054 e41f20599375cef562d50cfd5ea91f22\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nv_6.8.2-77.3_sparc.deb\n      Size/MD5:   130164 7d81597fa246853896dee123c93a3443\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-rendition_6.8.2-77.3_sparc.deb\n      Size/MD5:    89382 0c4f8f40654fdd09e520145ca2e886bd\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3virge_6.8.2-77.3_sparc.deb\n      Size/MD5:   105294 1f6862c1c719219da1b965623774def5\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-savage_6.8.2-77.3_sparc.deb\n      Size/MD5:   107562 634a4e99cee1f7ed5a96fa6d1e5053aa\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-siliconmotion_6.8.2-77.3_sparc.deb\n      Size/MD5:   106838 ca4bcbbcbb250fc4374477ef17dd5dbd\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sunbw2_6.8.2-77.3_sparc.deb\n      Size/MD5:    68678 95aa8f3f675f84b9b445fd5a85c75952\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-suncg14_6.8.2-77.3_sparc.deb\n      Size/MD5:    69252 2d87f35b35295d29bdd76a8172351ac2\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-suncg3_6.8.2-77.3_sparc.deb\n      Size/MD5:    68734 8809dd6543372feddd2a5886f6976776\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-suncg6_6.8.2-77.3_sparc.deb\n      Size/MD5:    69728 1b59fdb3a45e0a569445b34d064d0633\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sunffb_6.8.2-77.3_sparc.deb\n      Size/MD5:   127670 0b38955174a4ed44bd4578c87da66684\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sunleo_6.8.2-77.3_sparc.deb\n      Size/MD5:    81660 117464ff17f748d0c95aa59f89abf250\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-suntcx_6.8.2-77.3_sparc.deb\n      Size/MD5:    70446 e69222c475300674077226d927e4a156\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tdfx_6.8.2-77.3_sparc.deb\n      Size/MD5:    99410 33d1cafe6bf0edca99ba9392966d6ab7\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tga_6.8.2-77.3_sparc.deb\n      Size/MD5:    87728 726ce3e0143dafcd495e3de4a40cf8c0\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-trident_6.8.2-77.3_sparc.deb\n      Size/MD5:   131950 e98574be1b719debd2c4542b199cdfcc\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-v4l_6.8.2-77.3_sparc.deb\n      Size/MD5:    73412 b1d2672fcf4c22e883e9b93ddfe70e1a\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vesa_6.8.2-77.3_sparc.deb\n      Size/MD5:    76710 1254832b3fa89d4cf901bce0bb79c6ba\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vga_6.8.2-77.3_sparc.deb\n      Size/MD5:    75206 36b39c918f6061dd11711972d2025110\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vmware_6.8.2-77.3_sparc.deb\n      Size/MD5:    82618 c65b2958ebcc66702c6db1a24aee3813\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-acecad_6.8.2-77.3_sparc.deb\n      Size/MD5:    70412 26c69d8e78229e07af1aa8176594728d\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-aiptek_6.8.2-77.3_sparc.deb\n      Size/MD5:    80920 710cf56fd1e938d25cd1b0ad6a524a08\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-calcomp_6.8.2-77.3_sparc.deb\n      Size/MD5:    70316 83f3d61a2bed0574b25b2b0afb808ff6\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-citron_6.8.2-77.3_sparc.deb\n      Size/MD5:    91828 01867c3013e5a645d22cd97dc2068e1c\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-digitaledge_6.8.2-77.3_sparc.deb\n      Size/MD5:    71154 447987785afddd40f58871ed82d1d8c7\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dmc_6.8.2-77.3_sparc.deb\n      Size/MD5:    69880 df7253bb410088887e963b4ec185a761\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dynapro_6.8.2-77.3_sparc.deb\n      Size/MD5:    69582 772f0ae3564c523c6f010b9e54b9dbe6\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-elographics_6.8.2-77.3_sparc.deb\n      Size/MD5:    73168 0a6bc07c0a89ed382852a9f22212882f\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-fpit_6.8.2-77.3_sparc.deb\n      Size/MD5:    70622 a647189fd612aad8b9d57ee1d8d29da4\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-hyperpen_6.8.2-77.3_sparc.deb\n      Size/MD5:    73350 e5ca5c4d5c85b8b58a2d966c9cc122a5\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-kbd_6.8.2-77.3_sparc.deb\n      Size/MD5:    74194 2d9b7ab568db94f2fdfbf9208c51f269\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-magellan_6.8.2-77.3_sparc.deb\n      Size/MD5:    69170 bd51f60f99bea164a1655bf99d81080d\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-microtouch_6.8.2-77.3_sparc.deb\n      Size/MD5:    71910 f439b8d1778d01df70f869e04d0f916a\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mouse_6.8.2-77.3_sparc.deb\n      Size/MD5:    97820 daa144c86465f941bad248f7f2011095\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mutouch_6.8.2-77.3_sparc.deb\n      Size/MD5:    73544 67eead253f6f73a4c95cff9ee3fe5e45\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-palmax_6.8.2-77.3_sparc.deb\n      Size/MD5:    71470 462bf1db6bf06a3541c048e978f619e1\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-penmount_6.8.2-77.3_sparc.deb\n      Size/MD5:    70044 56d63787661918acfa11b4c2edf1b363\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-spaceorb_6.8.2-77.3_sparc.deb\n      Size/MD5:    68896 407a96555ef0aca1c0f862756985bcc4\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-summa_6.8.2-77.3_sparc.deb\n      Size/MD5:    73208 c124d986e5ede6f22d2e6e4468ef44da\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-tek4957_6.8.2-77.3_sparc.deb\n      Size/MD5:    70788 139b257d986d1d81abc5df96ff6c07ac\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-void_6.8.2-77.3_sparc.deb\n      Size/MD5:    67526 da4b3fa6d2ea2cd03ff074fae1f99e11\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-wacom_6.8.2-77.3_sparc.deb\n      Size/MD5:   102200 d20486be0bd003c871362662945890ce\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg_6.8.2-77.3_sparc.deb\n      Size/MD5:   274186 2936a9182f8fe998082ea1b094cb4d84\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xvfb_6.8.2-77.3_sparc.deb\n      Size/MD5:  1463574 ed56597df856cf23c99ea94b0df46132\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10-1ubuntu2.3.diff.gz\n      Size/MD5:    59540 862bd1b35276a1f6295ab86afbb0c585\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10-1ubuntu2.3.dsc\n      Size/MD5:      710 e45aa32ea5d21cea1443eef299963ab6\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10.orig.tar.gz\n      Size/MD5:  1323617 adf145ce51196ad1b3054d5fb032efe6\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.0.0-0ubuntu3.3.diff.gz\n      Size/MD5:     7292 53e0bf4639f85be2596ea73128f9786f\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.0.0-0ubuntu3.3.dsc\n      Size/MD5:      743 fb5f2db984b7aa11cc61b95c08908f4e\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.0.0.orig.tar.gz\n      Size/MD5:   816966 29c00c678d4ac9bea8ffe7ba264825d0\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.0.2-0ubuntu10.6.diff.gz\n      Size/MD5:    31362 fb578e86128d4cefd37470d2b1b7a800\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.0.2-0ubuntu10.6.dsc\n      Size/MD5:     1804 b8fa2ff2adefb6457a217c145f0a99ee\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.0.2.orig.tar.gz\n      Size/MD5:  7966941 f44f0f07136791ed7a4028bd0dd5eae3\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.3_amd64.deb\n      Size/MD5:   133862 9849bf94a3c83769fee1c8c40cc5a195\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.3_amd64.deb\n      Size/MD5:   717494 0b0587f17aa8338d68f00f4f6de40cf8\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.3_amd64.udeb\n      Size/MD5:   251748 ea23cce32b15ed7b944ceea15a7c28c4\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.3_amd64.deb\n      Size/MD5:   439876 f4511db24d690e234e2c6157f6f0d86d\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.0.0-0ubuntu3.3_amd64.deb\n      Size/MD5:   302752 cdb9b9f31fc890e1f81b6b84e62e6743\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.0.0-0ubuntu3.3_amd64.deb\n      Size/MD5:   375884 261b8c8db1350e1729a58bf14455f0d2\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.0.0-0ubuntu3.3_amd64.deb\n      Size/MD5:   242806 0d259ee4f74d911e61e8d6c1c3fd45a9\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.0.2-0ubuntu10.6_amd64.deb\n      Size/MD5:    49900 6cd998c1385119c61c656454fcafdc57\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.0.2-0ubuntu10.6_amd64.deb\n      Size/MD5:   848976 1de01ffe87bc9aad344ceebf57136501\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.0.2-0ubuntu10.6_amd64.deb\n      Size/MD5:  1414328 fcd5128c61ea7c91f5dd0fdd67eb04fd\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.0.2-0ubuntu10.6_amd64.deb\n      Size/MD5:  4048070 8a20c1e88020a82b1831541874ce7c48\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.0.2-0ubuntu10.6_amd64.deb\n      Size/MD5:   294524 6b2619e3fbfc72356dc7afa6ee3afa0e\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.0.2-0ubuntu10.6_amd64.deb\n      Size/MD5:  1564542 9ba68a1f137e86d212d7eb264008f4cd\n\n  i386 architecture (x86 compatible Intel/AMD)\n\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.3_i386.deb\n      Size/MD5:   117358 a678e7f1914fdc53c66bc12b2563c104\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.3_i386.deb\n      Size/MD5:   677468 1245a799d53d0326992d1fa22bad875b\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.3_i386.udeb\n      Size/MD5:   227264 9c15e03342736754f33977e838c6d801\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.3_i386.deb\n      Size/MD5:   415384 7ae6d5bbe1a4bde544290a80a3e3dc3f\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.0.0-0ubuntu3.3_i386.deb\n      Size/MD5:   279004 3551439419ec533ee6e13b4ddad9879f\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.0.0-0ubuntu3.3_i386.deb\n      Size/MD5:   320798 e118c7ba341674944cd61dce7dd45266\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.0.0-0ubuntu3.3_i386.deb\n      Size/MD5:   216576 9357f5af25709f7e2c5627960a1c965c\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.0.2-0ubuntu10.6_i386.deb\n      Size/MD5:    42444 13fe0025f651e11decf5072e9ba7c88e\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.0.2-0ubuntu10.6_i386.deb\n      Size/MD5:   748738 8c8fb9a5513045b418ffc3c37337aaa9\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.0.2-0ubuntu10.6_i386.deb\n      Size/MD5:  1241568 96276d9b49ce87040e0d355de948d7af\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.0.2-0ubuntu10.6_i386.deb\n      Size/MD5:  3531364 addce36a358f8e1566118b490517d0d1\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.0.2-0ubuntu10.6_i386.deb\n      Size/MD5:   294542 401c8007c96f3468eee908422fe384d5\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.0.2-0ubuntu10.6_i386.deb\n      Size/MD5:  1382554 bfdc3acaba7eae4bfa8f09466c1a14f1\n\n  powerpc architecture (Apple Macintosh G3/G4/G5)\n\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.3_powerpc.deb\n      Size/MD5:   134248 3f73867444b6902b21ece5e88bda5736\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.3_powerpc.deb\n      Size/MD5:   708456 fd230d35b21882e8f33a733571589eb3\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.3_powerpc.udeb\n      Size/MD5:   241444 985d65e2f522108b58cbb7101a1c4e93\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.3_powerpc.deb\n      Size/MD5:   429892 e96a4115854d6b32907a3249bda2a0b4\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.0.0-0ubuntu3.3_powerpc.deb\n      Size/MD5:   290970 714aaa371169f80396afd1d5d0bc082a\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.0.0-0ubuntu3.3_powerpc.deb\n      Size/MD5:   369962 cda66f3b003f5faeabe2225356ff414c\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.0.0-0ubuntu3.3_powerpc.deb\n      Size/MD5:   235378 3086125be0dd5bb2480f31d4a21b46c6\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.0.2-0ubuntu10.6_powerpc.deb\n      Size/MD5:    55158 3d6a6b1cf5be95e00a48e5523d641d29\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.0.2-0ubuntu10.6_powerpc.deb\n      Size/MD5:   825340 a5329d0d2322ebb0c2d102a47635216f\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.0.2-0ubuntu10.6_powerpc.deb\n      Size/MD5:  1368184 0e1b6171168a996773c760b8b875648e\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.0.2-0ubuntu10.6_powerpc.deb\n      Size/MD5:  4076112 3668d14302e64241292219b67e1f9659\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.0.2-0ubuntu10.6_powerpc.deb\n      Size/MD5:   294538 5ef1c38d239ef6e6ac65d852d96c1665\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.0.2-0ubuntu10.6_powerpc.deb\n      Size/MD5:  1506656 fc1885b7b5f482fe734f5d081b072b51\n\n  sparc architecture (Sun SPARC/UltraSPARC)\n\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.3_sparc.deb\n      Size/MD5:   120076 f0524701f9defa5d49f80b333dba9161\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.3_sparc.deb\n      Size/MD5:   683560 22024047655d0a6e26c484d1d231be3c\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.3_sparc.udeb\n      Size/MD5:   222408 4a26ce30531b338bc5ce9e16bfcda691\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.3_sparc.deb\n      Size/MD5:   410888 897071c782c16c0e3000a9c4586e184f\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.0.0-0ubuntu3.3_sparc.deb\n      Size/MD5:   297866 0775567bab801a064f92e79c0939886c\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.0.0-0ubuntu3.3_sparc.deb\n      Size/MD5:   321246 8e57f2843bf6cb39a8cbde389c740872\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.0.0-0ubuntu3.3_sparc.deb\n      Size/MD5:   229820 c0e50a0ea242052b971dbd43f4144d6f\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.0.2-0ubuntu10.6_sparc.deb\n      Size/MD5:    43880 705741e8b4a3cd9b591da2a1b85db401\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.0.2-0ubuntu10.6_sparc.deb\n      Size/MD5:   758608 92ca7b1ee8f4509a4222c1dae58cb288\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.0.2-0ubuntu10.6_sparc.deb\n      Size/MD5:  1313218 208167a5f9f5d074bf1f162da5377664\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.0.2-0ubuntu10.6_sparc.deb\n      Size/MD5:  3789064 d7127a902bc8951e03e70baece970b34\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.0.2-0ubuntu10.6_sparc.deb\n      Size/MD5:   294998 c2d3c3b6673c8c8f70d23db3712c134b\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.0.2-0ubuntu10.6_sparc.deb\n      Size/MD5:  1445764 a1efd9aa2fa04d62f69771887a5d557f\n\nUpdated packages for Ubuntu 6.10:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.2.1-5ubuntu0.1.diff.gz\n      Size/MD5:    32265 c95bae22cdf8aff7dd045ffd19b84acb\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.2.1-5ubuntu0.1.dsc\n      Size/MD5:      804 3c64a49cc8029e44361ec5b5dbac0a96\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.2.1.orig.tar.gz\n      Size/MD5:  1451392 a584e84d617c6e7919b4aef9b5106cf4\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.2.0-0ubuntu3.1.diff.gz\n      Size/MD5:    21080 14f360ae2e6a5c3a535ba34244f513c9\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.2.0-0ubuntu3.1.dsc\n      Size/MD5:      923 df21beb2608cc68aa140d315041d9795\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.2.0.orig.tar.gz\n      Size/MD5:   827186 b4cb7808df5804efeb457043fed13782\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.1.1-0ubuntu12.2.diff.gz\n      Size/MD5:    92001 cbe621e817e97c8a67ee7465bf3fa266\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.1.1-0ubuntu12.2.dsc\n      Size/MD5:     2020 e4b095a246fd0a52f314ce371b3e0cb6\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.1.1.orig.tar.gz\n      Size/MD5:  8388609 15852049050e49f380f953d8715500b9\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.2.1-5ubuntu0.1_amd64.deb\n      Size/MD5:   150940 92d6b1c0aa652e6e8f013ae4048f4062\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.2.1-5ubuntu0.1_amd64.deb\n      Size/MD5:   668960 0e5ff244ad6488cd3eb801b3768b7eda\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.2.1-5ubuntu0.1_amd64.udeb\n      Size/MD5:   248264 4328e1df8f13a92086bc6dc0c43add50\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.2.1-5ubuntu0.1_amd64.deb\n      Size/MD5:   353738 c41d6ae077ca5f31a25cc0f58cbd93c9\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.2.0-0ubuntu3.1_amd64.deb\n      Size/MD5:   305140 eaa2799e4a889de2924c16629750c749\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.2.0-0ubuntu3.1_amd64.deb\n      Size/MD5:   354690 d06520d61f32e74f26764e6dbc1c14c4\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.2.0-0ubuntu3.1_amd64.deb\n      Size/MD5:   242998 5e24330de281bfc1bd33341abb57d967\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.1.1-0ubuntu12.2_amd64.deb\n      Size/MD5:    57434 5edf610ecbdd99e59f118959ca0eb414\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.1.1-0ubuntu12.2_amd64.deb\n      Size/MD5:   813654 4da55af97b7c83f85c557df79f66c0c2\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.1.1-0ubuntu12.2_amd64.deb\n      Size/MD5:  1427180 efafeb1045b436463419496481cfdc78\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xserver-xephyr_1.1.1-0ubuntu12.2_amd64.deb\n      Size/MD5:  1608506 39e8887d0c3b1d4b4059a990ccacc07b\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.1.1-0ubuntu12.2_amd64.deb\n      Size/MD5:  3917424 d69cc89a0777f800d5e74e3a8041fd93\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.1.1-0ubuntu12.2_amd64.deb\n      Size/MD5:   297442 b41410b7b585f2960827f912241891bc\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.1.1-0ubuntu12.2_amd64.deb\n      Size/MD5:  1579394 facb0f2f9c2722e4d07af7dea9f838e5\n\n  i386 architecture (x86 compatible Intel/AMD)\n\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.2.1-5ubuntu0.1_i386.deb\n      Size/MD5:   134026 6a3c9319eba74a20e6f5c0e3457a2e97\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.2.1-5ubuntu0.1_i386.deb\n      Size/MD5:   640492 bb5ed3196a9e9fb626c17d96f40b3b2e\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.2.1-5ubuntu0.1_i386.udeb\n      Size/MD5:   235400 cde67a8b74de363b4d3e1abe0f41e781\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.2.1-5ubuntu0.1_i386.deb\n      Size/MD5:   341274 5aee6b86c26c312e17acf68808b737cc\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.2.0-0ubuntu3.1_i386.deb\n      Size/MD5:   291958 2344c15719ade83c6e125e29e4b86c23\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.2.0-0ubuntu3.1_i386.deb\n      Size/MD5:   336952 fe81984c7c8cf4a8ca6a0f44998bc0eb\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.2.0-0ubuntu3.1_i386.deb\n      Size/MD5:   226028 5456ac2131d824a096d1e979cecfcea4\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.1.1-0ubuntu12.2_i386.deb\n      Size/MD5:    50646 23cd4f9ca5689117c09c43ebdcfea49e\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.1.1-0ubuntu12.2_i386.deb\n      Size/MD5:   751476 f3769d8fb8508eca644db0c8d9530a08\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.1.1-0ubuntu12.2_i386.deb\n      Size/MD5:  1327210 73b1fa3c9d0e365f029962cb4e920b8e\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xserver-xephyr_1.1.1-0ubuntu12.2_i386.deb\n      Size/MD5:  1498720 e7e629d60198742c9040687d9c02d108\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.1.1-0ubuntu12.2_i386.deb\n      Size/MD5:  3563454 7f18073d92ab9a8a5fbb096b483598b5\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.1.1-0ubuntu12.2_i386.deb\n      Size/MD5:   297484 7d506b6a3fee567e20a2a5e7aa6c2bc7\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.1.1-0ubuntu12.2_i386.deb\n      Size/MD5:  1475138 fffb6ddb7a71160b492de7c8987cfc9b\n\n  powerpc architecture (Apple Macintosh G3/G4/G5)\n\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.2.1-5ubuntu0.1_powerpc.deb\n      Size/MD5:   148582 24a4dc3fcd4e9ed1cc439178926016b4\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.2.1-5ubuntu0.1_powerpc.deb\n      Size/MD5:   663380 d84c7eab9c0a1678485b5c10c99e227d\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.2.1-5ubuntu0.1_powerpc.udeb\n      Size/MD5:   241628 bff6e436dc7884091e9a159425fb3345\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.2.1-5ubuntu0.1_powerpc.deb\n      Size/MD5:   346870 8da887f46827f7a148b9d5573d6cb526\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.2.0-0ubuntu3.1_powerpc.deb\n      Size/MD5:   295948 e373a2fb962bbd917ed1475707925379\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.2.0-0ubuntu3.1_powerpc.deb\n      Size/MD5:   353796 9ad2219e7d15c1e5267c922f5d518954\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.2.0-0ubuntu3.1_powerpc.deb\n      Size/MD5:   237280 a187dc106461ded50a6cafe3b7e5442d\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.1.1-0ubuntu12.2_powerpc.deb\n      Size/MD5:    63432 d611ac901c34e99a1cfc77956c6f42c4\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.1.1-0ubuntu12.2_powerpc.deb\n      Size/MD5:   797454 d0208072254a9e1e6041b12f660a7cf0\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.1.1-0ubuntu12.2_powerpc.deb\n      Size/MD5:  1401888 9af060d4e15bcbc8bd55ec3b77f8f733\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xserver-xephyr_1.1.1-0ubuntu12.2_powerpc.deb\n      Size/MD5:  1565976 22e88a95a1d3dc23299f782df124578e\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.1.1-0ubuntu12.2_powerpc.deb\n      Size/MD5:  3983002 3345dba424bb25e0862b66acda8747d8\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.1.1-0ubuntu12.2_powerpc.deb\n      Size/MD5:   297498 55dd5abe4abf1c7ef441c85dc070e68a\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.1.1-0ubuntu12.2_powerpc.deb\n      Size/MD5:  1541334 474f69d831b778c5825ae02d340556e2\n\n  sparc architecture (Sun SPARC/UltraSPARC)\n\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.2.1-5ubuntu0.1_sparc.deb\n      Size/MD5:   131806 c3d342df6c666a6ff77ad70c7c729297\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.2.1-5ubuntu0.1_sparc.deb\n      Size/MD5:   635934 2ba5cf3a10353ed63a2b08a5ebd038ff\n    http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.2.1-5ubuntu0.1_sparc.udeb\n      Size/MD5:   220156 4f9315e0d159b61aed69ae09c8282b82\n    http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.2.1-5ubuntu0.1_sparc.deb\n      Size/MD5:   325494 95813d719f39a3b86f6b44cda4519a83\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.2.0-0ubuntu3.1_sparc.deb\n      Size/MD5:   304582 8bca3c95b9e5f10d08357fb32ffa690c\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.2.0-0ubuntu3.1_sparc.deb\n      Size/MD5:   321526 1765ba83a127b01ed81632785688a0b0\n    http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.2.0-0ubuntu3.1_sparc.deb\n      Size/MD5:   234114 fd5c8e1b70051aeae6d189037043c23e\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.1.1-0ubuntu12.2_sparc.deb\n      Size/MD5:    50314 9fdc77ad9a5448d3b92c3b05fcfc4ac1\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.1.1-0ubuntu12.2_sparc.deb\n      Size/MD5:   733754 8d5052a6cb973b478b57efcf9535020b\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.1.1-0ubuntu12.2_sparc.deb\n      Size/MD5:  1344340 10ad7e4b138b14102ab3a396fa31255f\n    http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xserver-xephyr_1.1.1-0ubuntu12.2_sparc.deb\n      Size/MD5:  1500142 801229631c468c808bc3570a02f36436\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.1.1-0ubuntu12.2_sparc.deb\n      Size/MD5:  3695516 c037048a7c2971f1c064e1644083a738\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.1.1-0ubuntu12.2_sparc.deb\n      Size/MD5:   297856 45e8359cdae581b6ab4d5ad683a4ba89\n    http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.1.1-0ubuntu12.2_sparc.deb\n      Size/MD5:  1477724 8d6c6d871e63e6009ab6f9be3b10300f\n\n. This request is used to determine what resource IDs\n are available for use. This function contains two vulnerabilities,\n both result in memory corruption of either the stack or heap. The\n ALLOCATE_LOCAL() macro used by this function allocates memory on the\n stack using alloca() on systems where alloca() is present, or using\n the heap otherwise. The handler function takes a user provided value,\n multiplies it, and then passes it to the above macro. This results in\n both an integer overflow vulnerability, and an alloca() stack pointer\n shifting vulnerability. (CVE-2007-1003)\n \n iDefense reported two integer overflows in the way X.org handled\n various font files. (CVE-2007-1351, CVE-2007-1352)\n \n TightVNC uses some of the same code base as Xorg, and has the same\n vulnerable code. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1003\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1352\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.0:\n 68955a65584a1c964141aa1d0e44f7e0  2007.0/i586/tightvnc-1.2.9-13.2mdv2007.0.i586.rpm\n 9928944d22067747b5427a15ab59c853  2007.0/i586/tightvnc-doc-1.2.9-13.2mdv2007.0.i586.rpm\n 9a6643c4c00c3d758a204e1b46969914  2007.0/i586/tightvnc-server-1.2.9-13.2mdv2007.0.i586.rpm \n 0a4abe1c964ed13e3d445efc0c1dd244  2007.0/SRPMS/tightvnc-1.2.9-13.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 700ed069013c7cfef989263344e41dd0  2007.0/x86_64/tightvnc-1.2.9-13.2mdv2007.0.x86_64.rpm\n 8a8c9a1721c9521d2224da5b73ddaf76  2007.0/x86_64/tightvnc-doc-1.2.9-13.2mdv2007.0.x86_64.rpm\n 7a6402ace347731a1ae8722d80a75638  2007.0/x86_64/tightvnc-server-1.2.9-13.2mdv2007.0.x86_64.rpm \n 0a4abe1c964ed13e3d445efc0c1dd244  2007.0/SRPMS/tightvnc-1.2.9-13.2mdv2007.0.src.rpm\n\n Corporate 3.0:\n 65109fe6bab801e11e503b60b308643b  corporate/3.0/i586/tightvnc-1.2.9-2.2.C30mdk.i586.rpm\n 3b08614f635cd9cf8b68d7c76d30b345  corporate/3.0/i586/tightvnc-doc-1.2.9-2.2.C30mdk.i586.rpm\n 0e61567902f05149ac4f08e64953febf  corporate/3.0/i586/tightvnc-server-1.2.9-2.2.C30mdk.i586.rpm \n e019fb72dce33e1dbf2e6f7a3bdcb384  corporate/3.0/SRPMS/tightvnc-1.2.9-2.2.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n ef2e7129cf59e0dbdbf783ebbefb7e43  corporate/3.0/x86_64/tightvnc-1.2.9-2.2.C30mdk.x86_64.rpm\n cdd378ae7999c118a7dfafd0c67cc674  corporate/3.0/x86_64/tightvnc-doc-1.2.9-2.2.C30mdk.x86_64.rpm\n e30948128bc10c8aacc06694d986b1fa  corporate/3.0/x86_64/tightvnc-server-1.2.9-2.2.C30mdk.x86_64.rpm \n e019fb72dce33e1dbf2e6f7a3bdcb384  corporate/3.0/SRPMS/tightvnc-1.2.9-2.2.C30mdk.src.rpm\n\n Corporate 4.0:\n 173bc482a466816a6b0c5a8b5568b8ef  corporate/4.0/i586/tightvnc-1.2.9-6.2.20060mlcs4.i586.rpm\n 5b274d7ac4cd7758411ddbafc885209e  corporate/4.0/i586/tightvnc-doc-1.2.9-6.2.20060mlcs4.i586.rpm\n 41fe3f9509d09eaa69f915afb348fee0  corporate/4.0/i586/tightvnc-server-1.2.9-6.2.20060mlcs4.i586.rpm \n 2651d5941592eba01e6acf47382d9cae  corporate/4.0/SRPMS/tightvnc-1.2.9-6.2.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n e1aef1895d0bbbc24690e778ec848d74  corporate/4.0/x86_64/tightvnc-1.2.9-6.2.20060mlcs4.x86_64.rpm\n 54537c7aa36eff300a96daac296af9ed  corporate/4.0/x86_64/tightvnc-doc-1.2.9-6.2.20060mlcs4.x86_64.rpm\n 342dc521a4cf33fdf775f0c13191a552  corporate/4.0/x86_64/tightvnc-server-1.2.9-6.2.20060mlcs4.x86_64.rpm \n 2651d5941592eba01e6acf47382d9cae  corporate/4.0/SRPMS/tightvnc-1.2.9-6.2.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1294-1                    security@debian.org\nhttp://www.debian.org/security/                         Moritz Muehlenhoff\nMay 17th, 2007                          http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage        : xfree86\nVulnerability  : several\nProblem-Type   : local\nDebian-specific: no\nCVE ID         : CVE-2007-1003 CVE-2007-1351 CVE-2007-1352 CVE-2007-1667\n\nSeveral vulnerabilities have been discovered in the X Window System,\nwhich may lead to privilege escalation. The Common Vulnerabilities and\nExposures project identifies the following problems:\n\nCVE-2007-1003\n\n    Sean Larsson discovered an integer overflow in the XC-MISC extension,\n    which might lead to denial of service or local privilege escalation. \n\nCVE-2007-1351\n\n    Greg MacManus discovered an integer overflow in the font handling,\n    which might lead to denial of service or local privilege escalation. \n\nCVE-2007-1352\n\n    Greg MacManus discovered an integer overflow in the font handling,\n    which might lead to denial of service or local privilege escalation. \n    This update introduces tighter sanity checking of input passed to\n    XCreateImage(). To cope with this an updated rdesktop package is\n    delivered along with this security update. Another application\n    reported to break is the proprietary Opera browser, which isn\u0027t\n    part of Debian. The vendor has released updated packages, though. \n\nFor the old stable distribution (sarge) these problems have been fixed in\nversion 4.3.0.dfsg.1-14sarge4. This update lacks builds for the Sparc\narchitecture, due to problems on the build host. Packages will be released\nonce this problem has been resolved. \n\nThe stable distribution (etch) isn\u0027t affected by these problems, as the\nvulnerabilities have already been fixed during the Etch preparation\nfreeze phase. \n\nWe recommend that you upgrade your XFree86 packages. \n\nUpgrade Instructions\n- --------------------\n\nwget url\n        will fetch the file for you\ndpkg -i file.deb\n        will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n        will update the internal database\napt-get upgrade\n        will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n  Source archives:\n\n    http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1-14sarge4.dsc\n      Size/MD5 checksum:     2642 189d0d7d0b7dbbf26755923b438e5e4c\n    http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1-14sarge4.diff.gz\n      Size/MD5 checksum:  3644476 e3ae500a08998d20996e1b386253e1cc\n    http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1.orig.tar.gz\n      Size/MD5 checksum: 59123696 8e6990288c8f1a1d1e03f7c36d7185ee\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1.dsc\n      Size/MD5 checksum:      623 95239010d328848d69bbcd59df29ee1b\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1.diff.gz\n      Size/MD5 checksum:    10664 ac732ace18f41e829a3c38730934fbc4\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0.orig.tar.gz\n      Size/MD5 checksum:   202531 542cb9d9b4dd1ecaf3ed4ff753fea7b8\n\n  Architecture independent components:\n\n    http://security.debian.org/pool/updates/main/x/xfree86/pm-dev_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:   159434 d8aede0aaa9682ba7997447110d31ca5\n    http://security.debian.org/pool/updates/main/x/xfree86/x-dev_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:   216476 5401b81557f7953a5e476127544a94f6\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:   158730 8f841f4bc6efc65cc48e468163170116\n    http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi-transcoded_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:  8195040 c3c684a6c8a3a10f280ce25a6523fa50\n    http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:  4363090 0a9af1fd8109decea7c5e2bc9342a1c7\n    http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi-transcoded_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:  7073122 b42b7454c680f94cf4d912d6e263c679\n    http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:  3840910 eba04ef15ba7280352b8731e2705726b\n    http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base-transcoded_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:  1203680 546bafab0ffec15de52f51983bcf2c07\n    http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:  5490622 7d4613aadcadb86fc4242363784818ba\n    http://security.debian.org/pool/updates/main/x/xfree86/xfonts-cyrillic_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:   541216 16dbec56de243edf187e52c650532e91\n    http://security.debian.org/pool/updates/main/x/xfree86/xfonts-scalable_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:   901006 adf45fe9c5d1d84f912d2a9b789a1b8b\n    http://security.debian.org/pool/updates/main/x/xfree86/xfree86-common_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:   815600 154c4731c74c14685319ffd2e5535f79\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:   158582 5ec2b681939a466c832c7b91a6c71589\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:   158596 2a90dc555891313b58b5b0d11e33b8c8\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-data_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:   907066 a82eb5f3920df1c3e4c42c212efb78a7\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:   158648 bed92016a1cedd08e985becce0aadec1\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:   158646 e55d85a5a7d6687cbf802575038344d0\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:   158554 96ba78abf30b4e2d087f2797625589cc\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:   426718 64389fde8c4cb693fef2a5953fb2b109\n    http://security.debian.org/pool/updates/main/x/xfree86/xspecs_4.3.0.dfsg.1-14sarge4_all.deb\n      Size/MD5 checksum:  5835466 28f15b50daff3453e208642777c1c311\n\n  Alpha architecture:\n\n    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   284996 92f0024fab7a481cd4e34dc024f457aa\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   441170 70ec1d5a6b3bf7a36863360747e6cdb4\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   313428 2b07fef9a8355e4d43947a1a63aff81e\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   822188 fd73dfdda3bc273ce185908a3720c45a\n    http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   230570 9ab3ab85a12236d862e78b0f0f87dea7\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   209934 e15bfecad9eab9fb197772520d21067a\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   295454 33ccdd1fc0dc73ccc66a45c0ae8a290d\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   184480 3fe3048544b48f0926dbf6f4d163dd0e\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   184848 b5c69e554bcdce7e1baecdb8a1cb5c9c\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   209954 49853ed0ce0dc522e9f43d77ed807137\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   816088 94c427b0abe62c425b2bcdf372c792c8\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  9804934 4623cd96de525311a862c2e1fad78344\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  1576092 8e18e092949d8bd0f9e5ffb9d7f447e9\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   317732 e2f03ac371b2cbb1a2b84dae43959f3c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   934034 af848a96c5dabdb756549d66f16f5ad5\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   522864 fe5ee0cf23f25f8e625a1428f90e39d2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   382736 5fb1194cbf510977519c2f99903f3e8d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  1100610 6dcc0fc3c214c8a37ef8180a8d0f4fd4\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   522770 ff4f2ad7f5a1fa456abc16994685c6b6\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   265026 facae3a81139d2ce5a0bd21cd665e2ca\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   196480 7cf0508ef339715f25f1ce5707de2584\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   522270 1c140d44feaf9074fe7209933917d36a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   195706 6b44c3f7c5020cc71d3122fdb43380e9\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   481102 f3cba0d63e52a2af0e63b1b052453089\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   240792 5025ff049d9f7deb22e11a300094187b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   186222 7c8e6177656e754587aaa42e8083059e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  1182630 e2738f6b53b5aa55169fc829aa2f3c4a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   244840 76fed36704d9ca23cc4a91c321490b34\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   219782 bb1280080a6db83d8a97510c70dfa588\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   680140 9e24b96bf063fc9ce13f22fc457a50b9\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   164774 a41d399a9f2d550f1ffc8b1095c4417d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   172674 13676ac5abfe9594642adc4c054014ac\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   210192 79cdcc5df1939ea1126859397db7fc57\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   187902 dd499bdc63f54559b3e7978c58067a7c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   182996 ae344d4a81325bb7de8b95ccf977d6cd\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   576046 a1f7ab50d292c9682de56abdc1539e1a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   212166 54359c662494bb8f9798eb530b05c39d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   204384 89026d497d9ef72ba5c8cedb005ae99a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   253810 07d21c94db5f5261077163a7fef92363\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   173260 621062aa574e5a4470cb2d59d58d4364\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   172984 a53a8fbeb82124fcf1ac73b47246e654\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   203096 9fd958db6e8f017b01e9471e56225e67\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   713138 5ac37e4a6928ae1d6214c1ea683cf532\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   361134 4e469b9b10ef878a3a631b58e3b828d7\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  1587114 914c6b4c39ed31c2fbee379e2d0ba25b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   191798 af942f90192c1b423de6ff15552fe7ac\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   184318 461e3515c225271484349872db566ecf\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   411934 25f0ad51173c5b1a91c657f1218a79ca\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   176406 8c0975faeee6e39952cf1a8ae7983ac2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   177950 991487364f13ea794c44c3aff02a8342\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   241462 716284f0af443ef15e5a3a2c1753baa2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   193636 8eb36dcc7cb99f393fbdc8fa315a0cb9\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   174330 9f2e68247409abd7359cccd02ea2ed9a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   206192 155c096549ecebf30bd0b6de96266cac\n    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   184952 c60abc527075ecb5c2effb72411506b0\n    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   289606 9cdbb7e62dc88b2688febd15e62092dc\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   158684 ca7c7c54102b761de517ef8c7ff9f76b\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   158738 e9e98a97d36c517bbff6f7451e8da8d0\n    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  2376330 27c274f345160933475691031385b692\n    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   327180 32ee0206f299daf84c440520238fffdb\n    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   600554 6994f0009df1a92aeba7a11a6a72f4e9\n    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   184230 7667cbb1c995ba9e2216d51342e67f06\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  4558712 5f077e532f6aef7c0d16f55d37b37a87\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum: 33948052 58f1da513a5c267c6597efc19466b130\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   351116 5184250018192b80b4d09e24ae0f96fc\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  1339534 abc46934dea4b20c63e577f6974ca8f7\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   816672 9031709350853f211428feb2802354da\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   393160 6322d814900e1eda70a70e08aded0051\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  1150632 ce6676e1d7b13f8a28d95ee787e19fd2\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   537396 958d4ec3a45f1bc1effa47a358368472\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   158482 d5382eb6f50ba085a7cf15e352e85910\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  1007052 601156a062591921fa46a3212a868ac8\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   811486 8b324588f46711216a44ece926bdcc2d\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  4640908 2688e37b3f3ad30257e74afd5ee95310\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  1114488 77e08891ea808d8869350f8329852d43\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   490082 8d3580ee576dc319be0ce3681706c9a9\n    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   246932 61777c7301c1d3ddc00e8acdc3c0bb2f\n    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  2088768 28613cf2d2f1bc5c0c12c22e68e9878c\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   331698 39f4331d0c561f6e5aff79af12be34d7\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  6595862 5cdcc2dd8744fd0cc46d27de86c66665\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum: 45036960 2969cb0a57378f06b4519b2cd839478d\n    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:   550006 eca34c5b462dcce8dd12e7da120d5159\n    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  1033800 744333bde498149283ae7d7af7d7f460\n    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_alpha.deb\n      Size/MD5 checksum:  2271050 c10ec9d6fefb6b5d1f6d429024e1e833\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_alpha.deb\n      Size/MD5 checksum:   148190 50852b7df4448215e4d3ec188f9ca24e\n\n  AMD64 architecture:\n\n    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   262298 1ce19c8bd9baef60202cd3a97ef520dc\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   367224 848b9949b6ff456b4543ff3579edba4c\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   299272 3491bfc3583d440511b0bd8687d9843f\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   798094 3cda9b3a44c3445a418567f2c19007eb\n    http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   209850 58c642bc21913976fed73c4611e63120\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   205372 1c7e44bf812e2d336f13103253c45545\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   288966 0fd8fdd5b67911693c9ff03f589e3e1d\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   178436 cdaebc2f0a0bab775d04cd8f603a1b0c\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   183446 7fcd4b47cc4e44983b8103e202faebcb\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   207798 37d7f9a57604895952f6cd07712be13a\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   749416 36e10229fd2ed52bfc595c8b708fdb71\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:  9651358 c0b4dd4d11d8ac6ebe249338b3ce1d74\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:  1421668 0f0093d5081ad93c1154d9e4cae3ce2d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   295162 c0161225e5f92dd930b8c2f582acc80c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   903762 f48cf6f781708a7eb7b309cd823b2877\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   440728 5c9d6a694d0bd09f6be2f32c97eac671\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   350892 67fcc3ec3099427d4767c6e4427a9391\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:  1044460 00f7bed4c6bf4bfe2228495826e6f4ed\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   440628 701b3a51c651e67b7e2c18e11e30458d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   251400 ef31c9173b291ac5d78348a840674f79\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   191154 36f3fe9c393cb0ce2dcf5730b0107613\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   512612 3dee7413902951b2a7dd383bae5f0d69\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   192936 b64eb7b1d740d0b107215b291184d7cd\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   476486 92c4f49830414e0dc0341a7ab9efee24\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   233066 4a1a67f6d6bbf17baa360d4fe3d2de6f\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   180474 4f4e2522cb226dfa17d5ba9b0d40e926\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:  1168298 32785a1d0229c721785082055b4fe145\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   226012 7199fab356a9c6381c0a1119bfe52e98\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   212288 6c78ac6ec10145825238b283d4a8ad62\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   662854 45c8aa47be60747fdebe6c34845b707e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   163456 85bd979736e1119dbe5c73d420d83013\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   172100 4f4301a328b952ef0566b8d7c43b1c40\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   208938 0ddf06170b98d7f0f0d7dd8932bb1867\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   181560 4cf60ff4d472ca7ddac86633e4acfeec\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   180494 45e08ffa571b1b67b08a0d5c2d75e285\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   569452 3569f24efe2174038b829d5d05f1dc82\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   197926 85b5527de1a09c351b03f4018a64b406\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   197300 065147ca72c7a3364f450c8c781fab26\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   247486 9c213618f78a041491f76de00c2577a7\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   171968 c7e9e49de0cb61453be5ffc2aa94e74d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   172104 4ead3bfa45d1ca8957e5e10c1de03653\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   201308 bb9e5c557e50a45930b680b8f6468806\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   644166 a10f0657d008a8f086b07eed9706b041\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   346064 7ebef79c15df3c822cfc57ab443ee315\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:  1552102 7ba29d766762336706712893e21f8fbf\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   187202 1a1c28f352c671bc5437e52158c058f1\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   182508 e8edde7b41222fcb15b5c68a148a805b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   413140 e55e37fe1e0224a6d225e88fbafc9607\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   171912 e4d12ec69ebb49ad62d987505704f967\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   175416 5c6da5160e9441d30e0869817ef15509\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   237626 4655e7033b095f39dec9884ae45aa832\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   191668 b091ea03ff5acbf27f0e0b7a74bdf929\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   173528 0350d13430157d5c86819cf928ff29ab\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   204446 f7ebe443d878728a3637ab346c311a63\n    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   183666 4d2b4de0f1e4a77261b90d25eb770613\n    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   277370 a8420df28b4d294f7bec2e104cd44279\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   158794 f8a1514fdca77984512353d0b5d1f420\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   158848 2a03cd93698571c4a13512ca990a8db2\n    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:  2083786 97d1d4ebd6a452a2ff83928bedbb31d6\n    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   318224 59a6e966e6e49595101e733479eea356\n    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   516518 2124d855e582ef5e2012daab5a8a600a\n    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   182408 7ce0f38da0445d6a68b41542f655ac43\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:  4202892 fdef8312cf8f94710eb818f21f3bd52c\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum: 38018732 a168452b292cf7ec130e13c2930e6ddf\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   333556 d64d8c6d1bb0e5f979a38b5538f5762c\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:  1316908 f8accdf7495d3f03842f03d4c4f069bd\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   735302 e548bb1b381140f6a5133c491178df6d\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   368324 730509f902394ab4534bc213ee093a71\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:  1122710 7dad7f9fd6f9910d73c9df4ecaa16c6c\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   460486 339cb1301a8dcc4bca57539c4a7d9c24\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   158598 457cb5b6103df84a88c06f618cfdb9ab\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   789176 422bc34409184b39cb3f224954e2a50a\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   686604 393409c039840d0b0757d82f843e3ade\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:  4489970 b8e7dcf3952f41fb2812905ffc561f7d\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   889632 e0b5d43013c6bc904f40026dd3c06712\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   400280 4e16b740df809e4ca7a02b971a251d4c\n    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   236366 3c314ad0880bcee610a3e37f634b744e\n    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:  1620482 f703f2c8e36bdf4cc943b3abe563421a\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   337152 a8751e299ee2bc2fe354fd82bc4a01f3\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:  5695770 e1de32c84f307dffe6c64100b38525ce\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:  6039138 6e451f23e2b38b6c4f9fe1b9d65a62be\n    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   521528 9e2ad4fda8330b388f5efb0cb59c4d5d\n    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:   962224 0380eefc014116e02bcea08a187d3bb6\n    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_amd64.deb\n      Size/MD5 checksum:  1763954 d099a99b9f35f7c2a92fba27851f1c41\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_amd64.deb\n      Size/MD5 checksum:   103960 e10dc9a0c018be14c3941d097e61a263\n\n  ARM architecture:\n\n    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   254506 c4bfe2b890b7f1aa92a6ea50c8fda17d\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   353848 d83d9bea399500268bda162ee4d4d7f9\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   274282 b6b25b1e771e3a003c3ffd2665dfaf7c\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   778514 1aaba6276196c2965031048943a106de\n    http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   208310 93bed067f155c25a867a36f228b280be\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   200248 b8a08cb43eed69036fa08f885785df01\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   285400 94e59aa1305da66cd82e7cd736b4eec9\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   177720 fe578cfb4393d969205552b9904f0eb8\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   180490 45723695fe5e39496c503a4716f47cec\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   204986 6b5f5c883b10d0df4e36da876684519b\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   708938 c7a004360821b10f119b823925f7b4d0\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:  9661608 ad3f42ed447f33881c2a85dfa26c3ed8\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:  1411312 8aaa1222ce69df4f196e85fad581bbdb\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   283694 8bacc834c0bc7f647db4b730fde8601b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   894954 0e6d96ba308fe7899384736e3028406a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   437716 9142fbf29b65c4df6f6cdc31a02609fc\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   335288 e375c507a70b653c95f5df809651e349\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:  1029416 7fd74f1c7842bf34e75ffd4d1748a920\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   437618 a5fdf7dc60012ab80d091d6b86aa7921\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   254630 654f145f734a4ec8dac276b77b8c5c0e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   188842 ca9cbf1890dcd8be553056e006fb9188\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   511660 0cbc8f25a45a380fcd7024a3182ca035\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   189158 28074b2cac5f6d2567a07838adf5ddd9\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   471094 6e7bb9a3985f5d78d5923b889c46c82c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   233430 995db9bfc5b8db3e1af233263d63c237\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   179462 93ecb7bd10f52380b29ca88a18cd3855\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:  1172306 6510aa4bc254dc1aaf4a718d6ade928d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   223670 a845d16a971ce1cf0bf4a62224a9fbda\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   208072 908593679b7fc7e8da53b8c034fcb3c1\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   664842 71c12addab4acafb4564f181cd57eff7\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   163218 04f22173f8dbf2330514507150dfda2a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   171618 fe9c60b4d8ce2b6496bb9d922e54ddfc\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   208674 83f13a1c2d164a7298878766f2d735c7\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   181310 c95d79bfb7fd207f4d90622d3d8c3071\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   178266 5001d9e620dd228aadff0f7dab2dd942\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   567858 97d087ed756b6c6fcda1a66be9da8095\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   198280 462db4041e1ca77b658bdd6ca22808d9\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   194454 2e989bd9bf07a72a21a313bd7fbf9d46\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   243848 b676a5b4b52aad00cae35996a99293f3\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   172170 11b217f5e995f7beb31c047545c33abb\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   171718 7f71e6890619d9415c78dae14019866a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   201068 766750858aabd3e4ca693ed92c7da7fd\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   645466 0f2f37d4f76e79aee71893595c289886\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   327336 aad47d15f3b07d709e3bfca61f90f695\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:  1539196 220a5d415800dcbc9aa05928b95babea\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   185942 8a041e7c63ea5a48eeb87329af17931e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   179524 490fdd28d4098f64fa080ca98124a150\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   413616 ed79f35c87fa43b63c5fa5a5bce10aa8\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   173084 3a3b10c302b21e328d5c77c92a11d53c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   174796 22382068183a2f25fbb2630862fe6c03\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   237432 2f9c7d966572c7c508bf1f4eb951eb18\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   192874 8a02b3523c09a5d20c25e2499c271ed0\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   172932 58f6c0989bccdf51646f6cc85a7ad3a1\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   204124 719091e4ca99073d68a83abc356dbac8\n    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   181896 0281298f86d1734968f570ec266055c8\n    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   274086 32b425d803d2876474d59fd6095c18c9\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   158788 9340b0647c7e0509f201b6030ba32e50\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   158834 c3b39287a06ec827f29ff2961a6e5f1d\n    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:  1940412 a0311cf7769b8009f316dac534be27aa\n    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   309434 4c18c2e9b31637ffa4638dcd15c5e33c\n    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   500544 5b1adae68f8062db2b18595d791659ea\n    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   181030 02052edad72f025589d2267cf0c778c3\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   280888 3e2f8ee82d0cf25240bd591c81fe53d7\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:  1191474 c4abbbb972e895d75ee0ced411ba18fd\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   725146 fc5318a01d187d4b727c24ace68a241f\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   352390 46290e6b3b8fe147aa8d1c2fe1481f36\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:  1098268 b79588bea1a524686b627b9eafcdadf2\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   459654 1f6ae7b019a5a824ae17df9a80a85b52\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   158588 5467c615528a5d4a9cfe3e76afef1464\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   908824 ec265f126c7d0b2cef91918bee54e051\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   409248 4224dfa3119d8d231192700e5eabfa2d\n    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   226552 3e82b73d832d529c1a6b7e64ba98dfe5\n    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:  1558376 af2dd08ca667f05a447d7d0ffc8b667b\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   336698 0482b56c7f71d5f044692dc3e70b51c2\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:  5528280 3f47b74fbca3d0793b94d6c02ffbc6f2\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum: 43853336 8c79f42c0a5affa81581acdf66261171\n    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   508736 68adff865be90604a977176c9cf2684c\n    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:   906628 cc7ffda09bf14ea886d48f3c9a6710be\n    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_arm.deb\n      Size/MD5 checksum:  1699656 d34c6bb37c3c5f0eb4b5bf822aa36b0f\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_arm.deb\n      Size/MD5 checksum:   106868 7e645dba8d76959991e9c624caf76eeb\n\n  HP Precision architecture:\n\n    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   264792 9424d7e1d21fb19a7bf3c31fd59c41a2\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   372312 c91f48c32b473e0e162b6b1ca0806459\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   306544 734eb14d0c2db80d2600986840e6ffa5\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   813736 c84b6a4e597102ba4775f472f9aae439\n    http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   212434 bbcd96bb00f58417f32ea4329953233c\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   206934 c765a54d65f4f7eff593c622c7a66835\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   290350 d6934062e7680076fa5204fb542919c8\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   178552 2491a6cf3329a1b3e75050c93e422cfe\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   183590 b6c26839f416745c82e35497730867c8\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   207650 4de6cde4c6cbede4b5d22666ad941122\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   780302 6c521d1bdf4177266123eeebb59db7e0\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:  9906326 bec9e8186d854168c96292f0cbcc2f30\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:  1443564 6f7cbc5293caba59f7d76eba36ae3b85\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   307060 1f3d61dc3d9552f1671b9850bb8b68ec\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   926814 2df67d8e37eea2f3982099958c7f58d5\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   454834 0691f5a5e1241f1dab1896d38b30521e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   367534 5858d24a08a0ae6a2a5584cd3e24ec34\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:  1070688 889919869c53bbb0a4fa32f4f81643a9\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   454720 471004c0aac198ea9fc5c38d1fc092eb\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   253758 b424edc08b899316821c70525795ac44\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   194058 2f7cdc4e84eaf340a7d1cbc3399e49bd\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   524662 c41b8e84537da3673e6deb03a6b00ddf\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   193438 8fa5c65cfc8e6d0fea7b698d071138f9\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   482956 265fe13bcce21d770a6c6d597954f0ea\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   233902 fb2f7de98c3f5b1e7430c535e54e7ddf\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   182062 6dd46f3db2fa404bb522b135db426d96\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:  1202862 16284f5703bf36c82023c3f9d35835c3\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   230482 69af864210b495ecdf205cc503ab95a5\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   216180 b9cb762a3288b979cda8cba6469cdb33\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   684228 cedf92752aa08f4ce65fbfe96d2e3702\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   164026 7f6e983d2bb07ba429c0a224574301b7\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   172904 983a70b6e4b52541e6bb8b54ecd469bd\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   210406 0d9c427d666629366d9d9a69fe498632\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   182556 5b44f2ffb038758a013d0d86be46f736\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   181626 e8d9d3e7ef2d9e4fd32d845df42b436d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   577962 75302d045e4147243434844eef3ab539\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   201518 6d1b92e93e4e3f9e1c180124280e3703\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   201996 db76f8d685d31e642f624dddf865a8d2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   250654 256d02fb05d69adbf774cd9db296ce85\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   172394 51fda3af7874e80bda0336b767b8ecfa\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   172682 819c2b22b4a4d4f4e69e4c571a58683d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   202344 e6d067d3255b9c23fff4fc7f51c2608c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   665382 db08734e96056212e56d6f45c72b7b46\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   358688 dda0a4e43071aa9fa663fae4acfeada8\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:  1569924 db27d054597116e63330d43b060f80e0\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   187684 657c19f170c386aeccfcbe896de0f381\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   182544 d628379cff2189fa57ca6276585752f4\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   410980 e0d6fb0dcceea37d3bfd820392f7bc61\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   172844 8d041b5c14691c937dc5d97fff283c7f\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   176412 0f976b467fda140f96bc4d571cd1693d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   239352 f6be64ed56faa4dfc2e0fb5e0989b83c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   192220 9a02c09b3c16ab073ac3c4bf46b7a212\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   174108 cd9a6247282ed00294bab503e4c81dc8\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   205572 57303e5edfc3a91f074cf354b1c4ada4\n    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   183914 015d754d01788c8d4a1780ea27a1126b\n    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   279790 6c9e6d652a415222746a6c2a4146249e\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   158792 0a19e673ef1b669c9bd3160fb3dc183a\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   158840 a8c4f30320308ba9ef0196b4dc2d60fd\n    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:  2117262 250a9d60ba2becb670327a9f78315610\n    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   317244 508110262fa2e49cf96cf9eb1ab6a0db\n    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   546534 892f8c24b7392fc642bf6c2486023ba1\n    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   183002 3a4d3f2e8bb6c62501962d6592d6be10\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   339374 059d5d64e82dc90a540a068b551d7258\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:  1261264 7c28a6385ec39831b777520533085a59\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   773180 d652cf318d2aaf08fb64c74fdc4c64d2\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   403704 cd9201d2131b1ae8bc3cf9096b067c78\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:  1175934 e3d0d49bec1b29acb9aad2cc3d38a378\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   497318 21469a1bb347d03ea83c0130bc4820ec\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   158592 20258fd573b5a6e0ec0526cd7dbe2a6a\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   956362 40bf15e3f897bbb8ee8955f25a520189\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   422808 392e0cc23412a356d67fc07aa51bd4d0\n    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   237592 743bf913ab9198295e3c045ecbf70a2b\n    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:  1803862 7aa09096087a983e7a16fd210e0c6901\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   337492 82807bc3b69b4efe86c0a3aea38b8527\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:  4100222 3ffb5b75498897f6a9a3aff0d05003d9\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum: 45021232 ad2022b9e1413e5ed610b5307faacc60\n    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   530248 979dad322b0b9e1619758cd8d5d72f07\n    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:   977232 1b525f046ce3fa3d84ff0bbd1c72b0b3\n    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_hppa.deb\n      Size/MD5 checksum:  1969386 ac1a2134a3afc4b680a31526ad220c5e\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_hppa.deb\n      Size/MD5 checksum:   115866 a101d8b69db97092f3e52541be1460fa\n\n  Intel IA-32 architecture:\n\n    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   250230 3ad753c5bf9399dc00645876680e83be\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   342276 c1f9f7c6dcdd7153898727d128f58068\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   286150 81f15d2bc7f03b0a881d82565390f380\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   782768 c55920ea0f7d13e63d5061775f4943f0\n    http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   205356 b56681e15102a887507bf3285732cb67\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   203514 4cd8e50adfffc863b0a3c0010dd5bf39\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   286264 f2f54740eb60bc96eb7b39817e4fcfae\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   176718 832a20eec2a4c8d198421514f47767c4\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   181274 4e7a1ce300e1787728ae9c43b49842a9\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   205378 7f8ebdef0d31e6169d9cfd6fc2cc44ed\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   725158 eb243b4a9e705f824e9b81ea9ce3f92a\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:  9600288 94eb5086f3528eecc740a6a5454dfafb\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:  1358436 c46f41b1b294751ddd81fa325bf574fb\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   285434 3ec944fb16f03ff2191815789b926885\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   890614 5ccab68e345e79b9a5f87c24613ef434\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   414284 8fb663257fc2aec2637fd15e4f95207a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   338666 4ae310f5dd35bb1a5735c6a9937bc29d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:  1025578 b67d080e9096b5488a9a67ffbc1b55db\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   414194 1398106e83b08b50a9c8bd86487858c2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   246880 eec68ae5de683b31245a248ab7acd995\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   188456 bb2d50b4439ddb8fa6602c36893a7a70\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   507564 bc8514376d15899b530608ee6762e222\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   190786 de17e522a4a47b3c8594140b1c832042\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   469928 86e0dc5f50e01d92505ae4565665c457\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   231136 947c90d63fbb09a0435fa84a73800b18\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   179574 c040ea78299a4a77cbde6965487be65a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:  1166540 eeda20ce5fd4f83c098fda0fdd663e6f\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   218400 5d475727a2de404128fdc25622d6a5c1\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   209834 fa5a4db6f1de17988bdfed4e64d66f66\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   660018 1a98de5deccf0642e85c5bbf44b158ec\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   163124 dfe3c393889e2ba0bf421164956903a2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   171780 0e63f6fb0fc805769aafede4d6be14fa\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   208498 45c2ec6249fd478854d6b51a8ff64d03\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   179038 196d08ddd654b7095b810bf2704bb668\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   178710 935bbc6c8815b64fe9fa01cb39564c95\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   565340 d93c4e35f9a79c72f11cf5e61e6685fb\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   193686 1311a58096d095810db6de874403f144\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   195898 a8c4f1a3cca264a4de38384909ae0527\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   245344 3bb2b5834a63fa1f6ee7f6f73455b14a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   171098 c7b8b83b09b599b65f41c2fb2df9e5f2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   171542 9d8ba30823322ea55436910855236d40\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   200314 db2359a4dd12eff662f17d16eab080e8\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   614302 115e64adc6c74af37bacc0b4e54fadc2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   329404 1e75dc920d8fd10a64dc014b05730b06\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:  1529654 18594c501817e10451893310347ad4e8\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   184890 132a6b1b5ab8f182ebeed781e053ebeb\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   180554 6f49732e209e38e6dd779252671b963d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   410264 92c96bc12e1fe35ed18d5e863b71691b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   169914 24a5fcdc4ebc93491a0f70ea2d5bc26b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   174482 fba1ebdb9743a7973b5d3d5f943b1521\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   236504 0ba491e7dd63b06e116becef32a9dee8\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   190596 81973bd063623df482c4c9feb53bfe1e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   172632 b4b5474d58ceb6869be524e7eedcde0c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   203054 50753c3e0fee1e35bd290da7903eff5a\n    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   182762 b8bc97c636c1f886a306063ab2888a41\n    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   265068 d6ab5c744507fd1a9fe6a6828019d559\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   158806 0c80f911f973bb7337586d624a6c747e\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   158856 fc61c5e9ea820e7fd9e3510310245bad\n    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:  1941616 b050f50404e8d7bfd11296e4745fd3e3\n    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   309596 0f948324ca3602a56a9c6d6d7029b902\n    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   496946 04c400f07131f1fe396100ecd83847f6\n    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   180580 fc2e265ed3497fcf03781f0edb71b8c5\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:  5009168 582136777e3fbd1102fded416f9bf804\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum: 49495214 a9f69894995ccf02de16ff76c8496f77\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   283386 183aeab2a61618e245b585344cb1fd63\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:  1230896 aac25d99c5ff9aa3f3ca8c7bd78e57fe\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   705172 6de19e9b1c942c1c62d165029b0dfcd8\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   366064 1c48bae8d4491a4ff4b676736ab175ca\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:  1111016 9fc618a5c445ed61ea1099d44730d9a7\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   435082 17cc6e82fefac3ff0e0da0099fc261f4\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   158606 9c67005155a274bca06964f26be4da79\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   790330 984dc8f924bf799cd1a31cde08141708\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   662110 2b3d55d989a06edc35fd750b86258318\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:  4582490 83d96569620caf3995c115f0182b3b41\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   855012 86b0f0f3c687cce625e825698ba95298\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   384546 a8ec4021a27da614968f11b1f0d84c11\n    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   226984 e02156abd0bcdde44b2c4ba6027c0978\n    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:  1467016 dc5564cc3943f59450e050d240ac6d19\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   336854 591e181619783ff7003be7ed6b20529b\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:  5744114 4ce1994ca3f0aa2035622d5f730c7245\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum: 54929832 6ba49cd3398bab6a3b82d2eb7fac1afe\n    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   509408 3a68d04348d4c4b53640706b960cb227\n    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:   912694 39f690caee0037461c210233ae9ea846\n    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_i386.deb\n      Size/MD5 checksum:  1603624 a09b4b6b58ab30e3b0cff0df9cf3fdf7\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_i386.deb\n      Size/MD5 checksum:    94980 1c57e38030bc1c7311695cef03d2b560\n\n  Intel IA-64 architecture:\n\n    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   301856 2536934226628d0349840161c4239311\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   423574 661cdf850136cc83b7a2f188e53a4e2e\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   335342 ecc1597e1221d6752b87b9cbcadddfad\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   836740 1d1f928ad5a6075c7b8d26b479c037b1\n    http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   229996 f96e4a0405bc4e66f93efaffadc4f2e8\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   220530 5509e9624abaeebfafa2238a8174552a\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   307000 ef2bcf7574ba2874133c9c89faacf474\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   183790 da2e6b761cfb3ef2da02967c0cc45b2f\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   187868 e4103966dc75c710d449c193d7b0c172\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   212436 b73882b850d9a14ac2676853b4e1365b\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   906316 a140bde98edf1894e6e35b655e617f5a\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  9887962 ced2fb3657c9406a8dc3888d0a9c720d\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  1606148 f68d2172e7981a2922dc4da5460a52f5\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   355430 d8bab5f8af5411b72bd4c99314b836fd\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   971308 98b9821f558fdc43c5b4dec4b50e82de\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   545418 0381b705666026787bf62d1b19a1d326\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   437162 b40b327b5b0224d4ea6284af48e0ab20\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  1155500 7487439f9ba76ae05c3037d3db271a97\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   545322 899c08785c157f10f657e7acb5ede406\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   264566 5278642e58fb8cb61ade54ae9ea00125\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   201316 aec4b6a598c0d37f9ee2a7c434560ca0\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   525084 ce9b348e4f455a0e236c8abbe88894cd\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   200834 9ab987825769ca0885bbefb655793bfc\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   484850 f43c52e902a788f0bc47dad4670dbc13\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   241416 a6c1ff2791d41b528d34a2a5b7e0cda1\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   188316 70ec23e87366fe5d62cc6237a34df58c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  1184954 478f63c5a4364655aad8b35ff2b58d2d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   247942 0d03221e400cdfa4dfa62437e859af33\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   230070 4e75172f67d529d5b4960586dffb2326\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   689792 832b63f9f3b4109df89426905c5ddcc9\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   164948 8183cb1e03648f3f6cf19544eef00abc\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   173644 d194b2aab4f22ed2016a21cfc6cb554b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   210708 cfac0d9056615515ca8baba68d750c5e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   186904 14761ff4b77ea55e8d5ea1bf838098b8\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   185238 d5f89d9c59ad7bf9a91bdbc7329dcf9b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   577486 23dcc7933085f8c1ed9ca319bcfb8d5f\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   214096 6902cdbbc99c3d21d8e97d3b2d962d0b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   211598 bb9345c62712925a2a31c681f80d8c78\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   261608 4ee5e1029fe9ab66213c57546ec099e1\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   174596 7fd5a663614670bce66dcb18686707fd\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   174482 3ae32e6fa2f05345221cdcf5222a0a76\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   204366 83a4a11374d28f11276a812af5a4f189\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   734512 83da9954a4e88ea281aac8e58cce0417\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   410848 fc544e2b161c9c796a97e702064c7814\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  1627622 3ad29ccc7e3aa3ff849cf5226a378662\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   192576 191f6eb877c6220b15d3581748bf080b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   186708 4778512f96e02cc2b00f667b7757dd58\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   415204 c1d5735cb1197a99a0d4a6e08ed8d2ad\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   176850 4276368e65cc7b6d0ced6fee47fd1325\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   180028 535e93c0336b609113938920d2da7b19\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   242192 7a7a71281b43033019a704565a9fc691\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   194772 f6fbbe744696aab7c36f1f118bbbdd89\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   176284 1c925dce81cd41410c433264025c6159\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   207898 981e0a72852e686ebb94b8bd54f16134\n    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   188648 08fc0d4fab01781603e9572fd3e839f8\n    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   312324 a6c63c439a5bb043fe320f4779f8f31b\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   158796 49f4feb5a9fe370f6ed39115bf6dae30\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   158844 9fd7480c8f47f27fd6e0bc7bbf847533\n    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  2774492 3424d3799ae9b7b08e7a66185aef68f4\n    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   347898 8ae26bdac80c228f162b0fd10fe25892\n    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   693412 f1a383a2bdbf67626c4389de56597a17\n    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   188856 7c8411b390713431d036b549a80f8d61\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  8121752 763ff2b160b0c0712499eae573f40e44\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum: 51595076 6dd701a0a28aba2219034d6f2214121c\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   349704 baa5b652ac7da0154ee263c3522d04f4\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  1324528 4854dde9c6fa7cb0dcc6c3862507fb9e\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   797068 1ce3af82028237daea128d7213e89cf2\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   447492 384596efd464eb27da2bea8b426e9061\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  1200974 a9d2b33b28b815cb01bf96ae96093032\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   553512 bc158ab22c3d8949e0e9486d6518af40\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   158598 116aa61965b7a3b91b45e317d3e91b75\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  1081118 e8b35d16092f656359e9c0bb99b74179\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   946692 c3e728e388711e13d6d2cebd03836e67\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  4773708 fb080167239394d3ba3ae4a71e737546\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  1165792 e9456cdb9978268829113f8f687f98ef\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   494608 cf64329bcaf705b4cef3f52c90a612f1\n    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   260258 741427f481d436aa87d90d59b3e92379\n    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  2383910 4dd936295dc3a5d630906d9c510813ca\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   338584 d5a558ca2dc8e909834048e78204d3a0\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  8457416 479bbecbef8d2971225628529a160bb4\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum: 56511442 b7f8fd181b9a684eeca40bfea3d185de\n    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:   581860 4ba016a1f2b41d055eaa081ec5b04bc0\n    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  1133422 bf77f9281359939cfac6fe550af95f6d\n    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_ia64.deb\n      Size/MD5 checksum:  2610628 6cc3b877c5b52e77dac0e83bd58fa390\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_ia64.deb\n      Size/MD5 checksum:   145704 d959399c76a6f63626a83f75dbed9d82\n\n  Motorola 680x0 architecture:\n\n    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   241018 77a07432c45b9378936b86794d2bcab2\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   331138 64ad4122c8f105a06f56c23d9174cc10\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   282230 c554467354b448f9e165955af4e7b4a2\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   785174 dd08487031b3e63b50533df646c0e6af\n    http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   200262 060aa0d9cb7282199ca18305b5c821f4\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   197746 83836818743f4dd92b30ab3eedcf362b\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   281672 1e1caf7322c340167bb95486494c3012\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   174714 87eddf9c6a897f97952aa91c838eff89\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   180594 573276a89f23874cac04d56e205aec69\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   204752 51890686ef5fe0a32afb5f760e19e1af\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   680616 7200fc49162ebda0d53a7ab4a74bbff1\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:  9735198 4c7d703ab09a32257fbb4a7a9ca6ef34\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:  1320712 16c0e121877da9f823914a14d3e5f40b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   272166 df7b6958c0a1c7017a30f9c7b78ec723\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   885970 0c270453838e035b27714ed71bc9a952\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   389520 46a680064a2f9a1e888df2bd7f7aa903\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   319674 7f7e6f24dac1b7e3f4c41bd3f589d281\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:  1015288 3253f3dc4f1914004ee0d58e4e1c0f41\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   389430 759f32add2082c6df77263c182b8dd05\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   244390 12f93645d7c7f68716ed544613efeb6a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   186086 e51920992e3a65fc3d6738517e449792\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   513588 dacd493b35a8a37d1b0326ec265f1586\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   188836 96ec2b33de1690dc8dc1e4dca8a5de24\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   478026 59ab765625ea9dc6da641a8e5d01d1f1\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   229372 59d34c9c15853cb410d5ce3d35924d40\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   177524 788b51e970927d25728e597d6efda2f2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:  1190632 24752ff589468af8133e0e27661cea93\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   213748 ced2278c1ba39a77143cedea80190687\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   206234 4fbbf0148b2cd42a69521255000601e5\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   666594 e2ab67ea5ba09f7be87f51beab9d5886\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   162740 2da7b2488ea0dbaf0582960cfcbbb782\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   171686 6fd94e0375a1bbfa758392035ec76c73\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   208966 03cc15b63c820c9568275e4fc248afc8\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   177938 0298a644eec5eb22c96672b1364f8ac4\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   177392 221bb28eb3760c47fb26797e692d84ac\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   571934 a2e321f788912dc8f4591fd1dfc50c79\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   189722 820323286728158435103af5db8748af\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   191700 7e3e4d432fc65a82689a629af33b6cf9\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   239296 141d8cbc8f454a44f79c13dcf1152e3c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   170844 1a5bd0bb22fd2dfded42c17de02bf2cd\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   171222 3aecb797ff7774a2ab5cbb020b8d7583\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   200380 10901ad8dc53221e014db4503f5b1891\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   597690 1e422ffd7f5c0b308b54d0a5a732ad56\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   314590 36483349e4f37219f5ab22061b7c316d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:  1518028 6dd17e0c9f3869be4bde36d09a1f5cbd\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   184100 90bfe448f4c46e7032235e8a41f6bdec\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   180192 446b94f914b87c2855ab2b6508a001b7\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   408988 5a315e50bbe97cf00ab9c286168480a7\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   168920 562498f992c6e330578f5545bfb4c183\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   173734 43011296400cc534ad0e2763a6948209\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   236732 9df9f6739611fb0fb3d13be1604e944f\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   190134 7d2773cb87e157ca3872a3749f080ee3\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   172066 be4d961e36c50d6db22d0dc790527cfc\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   203030 0ae15e99cf268d4607a9ce9f5a0499cd\n    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   181158 51b4b7ed68aefda9a8c7c4663825bab7\n    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   256204 6f415eff373b0dd082c3c4cd88f38968\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   158800 518d8866e2f0538a14a151e08205455f\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   158848 05fdf197054b6de0a875f55cc623a90f\n    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:  1770534 a5a3246a865619f16873171292728d4d\n    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   304782 8c26e77f964dbabad39172dde2f11b28\n    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   448136 9f5a9f1a513fe8b4e0daddb3500689d4\n    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   178986 1909446f56c676490d9ac52676a45e88\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   284944 026317fc993d1fe1dff80f1ac1eb91c5\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:  1197212 8fd8f32f6f3bf0a11401ed7597f39c1c\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   689460 a050bbc3a8b3a9f1789aee998e00c918\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   335758 e8e92c844a61419c47bce1aad77a59d2\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:  1099042 0a495c48978112d48a084651984482a2\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   405664 210e7f001efffbb8aa0cb72a30ecde57\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   158604 d34dcc01cd3ea7779abb2fb03a07c035\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   758064 dc880642b8b7e1a8c29101b281d493fd\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   349048 a155502b312c00034f2ae0ee55a030e4\n    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   222330 758c282c2ea0fc9acb71bb81a50de8b1\n    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:  1240584 4882905dcb51ec7943e1a2af30de7411\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   336750 626286fb3dbfbddac46db00f94247987\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:  4544002 e4cc4d1a010460c47e024cbbb3da404e\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum: 45450578 159132c8cb652641dfa6a9e0fd0b0983\n    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   495068 9d646f6246283c9d9ec6203027418988\n    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:   873524 2490473ac20b90a37ee823bef1168001\n    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_m68k.deb\n      Size/MD5 checksum:  1350020 fefe13b0d055607cbc25bea8a8700fa1\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_m68k.deb\n      Size/MD5 checksum:    88642 2e821aab336d92fbf4463ec68d549df5\n\n  Big endian MIPS architecture:\n\n    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   269036 e0d614a89eb3c3f0d76c1c32efb658d1\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   383674 85999be5fb8483b01f78ef55432996d8\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   283268 960f5f05ae7fda8191e7c3a0470519d0\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   794896 15bc703842b5c086c0dc32a365e75ec9\n    http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   212428 6e245b0237e014fc807aae8a83765de9\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   200476 7f451738d1c701f31063eca4714a3e82\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   286068 5abe8c7d0b16a59be535313f4a8e5c41\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   178320 26290f78c879e2f18a917e4a0d594c83\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   180942 212958ccdb25420a7e8c85efb757419d\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   205778 62298420a535e5b9e334be552e02bfce\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   741164 dc4a231aa21b24592af81779a3f0e63a\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:  9875488 04e5abcf7f591272784c4e8a2de04600\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:  1448650 ef0aecd48a18d8c0328f8aed260a8056\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   291898 1d19096fdfda44903b79e0e907feafb5\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   914694 5cd35836ce90b31192da903fe74b9464\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   457170 75c30aaae65eac879b12d96746024b50\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   345484 61ae086ce3fe377c7ad719ac15bb0e81\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:  1053840 265f890d3f31f22adfe12929e6927d1a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   457082 dcdadb44978e3efd8d4de14b1bb1e779\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   253440 832c6d9c7c66d6f5de7c8e01627413aa\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   189378 ef74e7e76c3a466cfe4fc965762f618b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   519556 edf155ff90decb7a0faa5632b5a4cf4f\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   190660 86464457c3e108661887610e5ea83283\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   481658 4d02c7e8a59fc882c249abaecc9fb231\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   234346 48396e6b0a99add4cef783ac8a7aa4a2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   180312 7065ff48dd57fc4712290485943d1884\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:  1200778 8891af2a2b97901ba15daa436bc4a8be\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   229230 b57f350a0b45180482d4773b4d4906df\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   210238 f1d4dceb06755ff6eac535ead7b60e48\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   679006 ab2a5d9d9cf347380e6e8f404972b3a7\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   163800 0cb95c62798ce539733e1b6d5f4cd10d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   171894 3dbd7c7abdd64ee3cab8ab578c28a466\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   209482 61a6a45b5b9408f3bfe16d0ab2677e7d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   181812 9608b04167f37a788a8363f622038b3c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   178568 2643b6b2f300b44e9164920e90bc1e32\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   576458 dabd3f68c6c430a417eb265c04f97dc8\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   201004 53b5143cb8b95dd74f4c8c5394447c9e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   196860 85d7fedaf7f23cfa9f5b852d7c2cf804\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   246082 ac0e1f47165a1449ce01d6fcd99ba377\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   172422 51a54bcd72bbfef34fff324215046684\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   171978 098bb8fef374fd9cacf44fb196dd6a08\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   201692 a0e794a9a0f11782c2a1e2c063c907c6\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   658488 cd7fa7d1d143676db6f5b3c669ca2e90\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   337488 ec3a5b787c6ae945a8d4701894b6b47f\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:  1558432 b758c6ae00f6795c2e7612d2b6869427\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   188076 b6383e3e11a196f27b0ebfce5a1249e2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   180856 1b3e3fb923a6fed46dfd8a9a819808bb\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   411938 8ba6d09b8b594b964de932b10515a848\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   173122 cbb902e5f1004d524bf428ccbb476af7\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   175272 78ef33ef661531a62de80c9e02927a3d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   238884 15b59465dccda67bd09e4882848efd07\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   191990 068d261c0a9192bc379118779f04e730\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   172872 081f29507e3b42c5a947425a865d6ab8\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   204250 ded6fc6a4c13e4dca7a5fc897b95789e\n    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   183656 769f16754e841d2b3ede831430ee4d1b\n    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   279012 21e6d974d7bba679c7d0d297694eb6fe\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   158790 8091cd2ef7e411b310f45861e8588d52\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   158836 433eb908c505bc4abbf45420e3b82ca3\n    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:  2107564 43918ac8ead8b2af80800041bf871aa8\n    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   316422 c9f27358a4f5da75df8128109fbb43a5\n    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   543002 cbd4b467bba106c92b1558ced4bf8fe3\n    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   182624 8420f1c990880b012d9323d0a68d3628\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   283842 98edafc555cb17b7705e96a739f97594\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:  1205152 6ccc49b27787b426e41d30cd7344fff0\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   753068 25ce758d961646072a6738b691c16d0f\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   373414 5bda413e620bb7c40b30cd131af86938\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:  1144212 942d59d8482805825b108365bda78cfb\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   497118 379dc047cf057a4fb194eea11c9d3ca2\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   158590 cba4b0c3960a04583aa947eb3ec21aa2\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   933874 1e1331ba64cb1508c4db1df59ddbb9aa\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   406030 e03c389daa5f6be9c72eb63353ce9d72\n    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   239710 a99463cc6de040a91e2c3485a6ae9b95\n    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:  1737236 4268b1a0b2a4ca64811ce65a3ba07100\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   337538 989852b0a430daed12875e29a361622b\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:  4021462 de4bdda63e45d94a8132c2e94c252449\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum: 45540760 1f5b16eba5dc648b0ca7246db7a2d7ff\n    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   530278 1489eff24482171db1e388ca730595a2\n    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:   983238 a32855e77f25c7e9e21aa96ae8a9d2cc\n    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_mips.deb\n      Size/MD5 checksum:  1898580 582876c5ccae25dfd144bff7bbfc2e44\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_mips.deb\n      Size/MD5 checksum:   115348 423b0dcbd2bf60cdcd1dfecf1ca9e85f\n\n  Little endian MIPS architecture:\n\n    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   268714 b457217d19fd8fbc43666f54ee3b422d\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   383552 5d7b8a8f054a40610496c7b169a02bca\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   282270 3916d3d6ec212b8cf958aecf7283b697\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   784426 8f28ec91456ab0aa9c0fb585b27fac4e\n    http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   212428 28ad717314bacf8db05ae3d9ece564d4\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   200466 dd18ec438c8d6db747479b46253b8535\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   285224 025be5d014139ee126025ded5d029419\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   178230 185fd834949d9ec6c15e7df2de864d86\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   180626 b7750eedeb125264f01a77756e286d39\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   205458 7a79ee705eba1fb54f85e5038eb8f848\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   739610 b6d8d9a3ed6ffc39b11b76fdd5e79f4a\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:  9700772 302744dbd76e8b44a9d13a47cb612994\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:  1448742 398ee2c960b1655c3357c45ab4fa1c5b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   290434 a76f2678ec211948b0145199eb3a3b21\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   903856 0ef7e41798e292ab28d306a702e3b7fd\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   457676 5150db19a905714fb4ae3b84c7cf9895\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   344002 85c98ccc42151375b8cf1ac34adf0d88\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:  1041318 8355f472163d812e23d1a19b228a8871\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   457578 36228c60dfbf7761a288345c41e625de\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   253406 7e181529a011d49edb98d848c310ae7c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   189256 419ac92bdd97a369acb97492a734d582\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   511450 c7e564de37bf7b6ae446f0a4356834a9\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   190518 82c1bf1e8dce203b3fe4c9f8fb36fa55\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   474102 3d171945e9beddbd6da2b320bc658277\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   234434 38a1c3c1edb0c74305732e47911e7073\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   180340 48a789753e9e584c2f8a611eb00cebf2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:  1172822 4b9dd118b18567a2b9a6d70eddb2cf3c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   229446 ef7a8df51a89a84fe1a8e9255407a95e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   210292 1baf340db8decbb6797900b34ef01ae9\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   667708 80772935e2ff170fe06c8f0591d8ca69\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   163802 b288b0a03e674709d36f073e2f2aaabb\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   171858 03c3e449b387a91482d8b21e558c789b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   208910 52fc67c2845f34df0217cb67c305647b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   181866 37a8cd44a87026d32acc0df14da75c1c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   178588 7a195ed2a458db3d80f37e74c7132826\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   569302 4df5863188eea9c531fb34ba8c914620\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   201112 9b6e9c39d38d1177bef58eb540536657\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   196894 afcef91937f62b700897557f5b63d4a3\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   245904 7f24c0ca154a19aeead58088bd176293\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   172436 23d27469a84fa956caf3311f66911069\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   171948 16d85086518604e7c07479209543ba5f\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   201270 d4743d9d59253608e7fbf3732ad32bc0\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   658586 e4247b61d8dbbcc543c2f81ffd2c4f2c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   337020 f6e748c6108bb629db19d0f0b890d899\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:  1556268 1f22fb32d46cd7fcaa817e767ed63e60\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   188070 b134b00d3918725f076deb49a8315287\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   180752 2ed8865fbf082082b83d692f8b404911\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   409362 c060bc4bb1eefdae68faade8fc4d0e6d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   173228 c7a08401264d1f621dfd80876984c34d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   175314 9224ffb5723a2ee658ca751432781ce3\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   238006 2278377f71a0cf0e8214202a7c137b3f\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   192078 cdff976f851d9a639d546e17f9eb58e8\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   172872 89a7daed133f163b017cf4769fb72e90\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   203766 8425bd077cdbf5636ec9fa3a40899b34\n    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   183666 b1cf636c37dd8e9fd270cb46bdc1da1d\n    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   278418 5729538d364f4f5c8726f788443eb972\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   158788 fb6e373cc9fcf5f7e2ee4e97cb10a4fa\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   158836 3cce8809849b8dfb61f5ecc67afdf631\n    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:  2104034 acbbc4ba7176a4b6827fb183a2285c53\n    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   316226 bd2701e346c38ea1e280e4425fab0dc2\n    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   541750 a16b41e931f59e0c3ab64d0f3fe55591\n    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   182688 13077c7b948a560332188b139fa2b88f\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   280024 fb4d9a96e61c132dbc5da3b7784a973d\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:  1181102 b99aa55dba347f2a4a319fedac46bbb2\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   740438 be2c7a300dcbc8a5dacd51864f9b5be4\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   373234 7ea4c99de128c118ee62cb7a2360d47b\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:  1123652 f0f7eaef8ac9c91960474085f31a354b\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   498380 d46fc14c3ab96e6116e85720039c8bb8\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   158586 01acd9c9a697fda89a8000adc065aa4c\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   929694 4dd351958a4ec579a305e18b17dc6b79\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   405110 4a7c191e86ad082b1b9a2b16ba52c64c\n    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   239834 3a244ffb3637774c3a07cc33b4d742e9\n    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:  1734732 6014914b81a49f5d8210e2beec459785\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   337532 1b7712671ffa568c1ab87b9a893910cb\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:  4015554 6343b81312dc1b38035e449f291fc788\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum: 44830508 dc93444fc9f4fa33f7525463bb348516\n    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   528816 facf36f32b31a3c47511c50cf46cc5fe\n    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:   972000 0b2178929d57a1967d588f928937874c\n    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_mipsel.deb\n      Size/MD5 checksum:  1894746 74c426c412ffec5e16f485d18301ea08\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_mipsel.deb\n      Size/MD5 checksum:   110416 54d82d984ebe9e4b10e69b672c799cea\n\n  PowerPC architecture:\n\n    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   259230 4374f6ebc9200d2174341043c112e109\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   363334 160fc4f3333e6b709bba658d2178543e\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   296960 603c9c356c7301bbb3fa9916d1cb0ec7\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  1134504 cf85fbc14fbbc569c1a7a4ef3eeb4808\n    http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   209880 219329af51376127e05af35917a68735\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   204442 d1be96893430d198b15d594d56243a9f\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   404728 9d57cd3cf2d5b249e0cb57d5b30d95c6\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   178144 6cf6e6a63688c7a97e37c9474f3e152b\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   182676 56c556ab6b021879101dd701870f0d65\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   250214 661e49c5917779fbef900cd019df3247\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   739352 a3415710c7e7386754bfc8682cfa711d\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum: 15237950 e1fca6c4017a83a43ad693e5752cc807\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  1400632 bc1b20f4b7c5d3b77ae0aee63effdf57\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   288220 a55ad73354c9090fcf0d8a5cfb4799f4\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  1335508 683a85aa5049f6cc62fe568d5b75aee7\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   441158 7a73bd998d60d98474044473d7e1e4d8\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   343294 71f1eb94d8436bb899d8de6a32da8aea\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  1514616 f021b0e71a36cb05f70859140cd708cf\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   441080 aad05e6166ff256afe038261e77efe62\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   249610 761be7ee18d488fe34200d0dbbc67dac\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   190510 21e8c664853cf494476e67cb3441b53d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   724186 ca04220950d4a6182b19f8780a9dddde\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   192026 d3ddb6afd8406af0243609fd0d7dd8de\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   692830 1c8776ab048bbdd4a30e383cd1108e52\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   232648 62b9b0108d803f709ee26a68542fa3a1\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   181744 6f123ac1a4758926ec51709841b13724\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  1859126 e043d9aac0b66d62a620655a39ad97ed\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   225148 aea9393faf4b0edaa9103232aa248464\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   211792 137274f7b5d4883a35d6907f280e38b5\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  1007240 a635dc4740a9dfe704cc24877061c81c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   163706 b2b7794ed5fe042e0c31fcc0cfb2bfac\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   173614 493da0df5065a4da8158cbb17f36b697\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   235184 819d0cc95a1cbfa835a2ed4b7f786165\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   180726 45d11fe75c08934e876787f7036f318d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   180862 a30b2742d24be32833174a4a804ef6fa\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   832030 585c0fe336d9a51ddb9dc21768227226\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   198874 1294737db5224ab3296bfb9044e8832b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   198864 19acebc0a0478a55f99d2bd9f90498a6\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   464002 8842b1d84d667d0484b1a421780a63e0\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   171644 bd6629f9e652228fe66e9b0c391db4a0\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   173334 b0095bfe736254c0bc7b5c3909879ac1\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   221334 b1e3179f2ee6d3efe7cc26ed7da5d3b1\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   645354 f78947afb933be6a464bad4620abd8b2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   337340 1462471e8b2e55e967d37cb0dd5dcb7f\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  2248906 aa39c626a490e7443a4bc380f9773aa2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   186706 da779c8c5330d0407be8fdc8bb8173ee\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   182192 63d57f316755a6d883cea67ac975f639\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   553672 2582cf21609c1c49f2aa094513e6f4ab\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   171892 040e3f801d40a4ad1bd3a1571ddd5e1a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   176836 0e5e5ed5df4b61eb6f24ecffe9211206\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   279446 d3a872368f9df7580597389c17d978ae\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   191258 80fb2c1ad08d119ba23bcb3fcb16b1c3\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   174466 9be15db49e12d9c9cf4f749fef17e8d2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   225114 69f231b8328338e02f8da31394d8d5dc\n    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   184286 f7c882400c739e3599e75e321d5e5acb\n    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   272710 ab4cc869a57b10cb0950136905b8c48d\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   158788 3133edb2bd3a8df3a82a7807309249b1\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   158842 f39ce73aad052fc70749989b60d0072a\n    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  2112920 b63086522de7681a0082a78c5b041518\n    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   314958 8e52d4a60a0d1b437b06143a8e7993d1\n    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   508794 28d7b024adde446fb86c6ce2b1f858b4\n    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   182900 61d45fc72d6d420debb63987b059bdea\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  3083976 db3db557ea4f14e99e6a43e0fb800fa8\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum: 42024226 bc9a1a771374a9bb65beedf768629680\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   295876 9917c43004b8dd006f4b320bc351abcc\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  1904654 b5a2262a4e002e36278c656286efd8d6\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   734058 18a3ef403198404e9c682e7e797a3491\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   372376 1507f1c52e26c3fdf13edbfdce59f8b6\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  1613144 b01d825bab12e0e3c0f72774df57f51f\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   468614 eb933fd5af24f8771376e3acac3ef193\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   158594 8dd4211d7bb00d471443a02fe897b828\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   808074 d72affd1921fb02b1116143642f031f2\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   690206 e141cc451a8bce56da60b2217234b6a6\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  6682418 be6e6132529820193e66e1c55f007dd7\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   885710 ffc8c7adaead9e4f332442833065ec76\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   390178 ccda487d5599a7a8c15280214bd193ef\n    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   233004 57129736c7e23d01c991f2352001934f\n    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  1583670 2dcbdfc3cf2f7f3f2d59f50dba809362\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   337044 ead33998a914ae257d59cbb2845038b4\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  5796628 308e7e0b85001e7a3cbfd74c83bbd980\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum: 46807434 a9fe3ab81b63f9640709771ab32da4ac\n    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   515612 173f57fef319a3fcbf3ff2a7a9ba2e10\n    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:   941398 df0360a7806665dcce1725cda3b5250c\n    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_powerpc.deb\n      Size/MD5 checksum:  1729414 6f361ae8c82eab376e14112caf563627\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_powerpc.deb\n      Size/MD5 checksum:   110844 bb75f25a0c723952e22c16528dac52a5\n\n  IBM S/390 architecture:\n\n    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   261016 b11576dfd58cb0b8610013fd1f77da5a\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   356334 c4c20e75114576c7d9dfea92ac735c9d\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   299618 ae63dc230ddf8380bb81ac03e84d9f2b\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   861914 142fce29993e744b67faf15c5acacd3a\n    http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   207434 7016c7027a54d8885db3ce2dc9d72bcf\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   205026 1b44e63a82180d29a5ab16a8c7de5a97\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   298232 d4cc2f1a791890214175b650173be0a4\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   179704 eb9f7b47856ab858a7aa7e9540e36ec0\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   183334 86b4707988a2a88b669148b0cc06c5cd\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   209198 ae8ba29733696b125f5099d121d1865d\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   754942 6c4b60bab9d918a7a67f6cc5972e6d78\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:  9935286 0cfd621c48007ab739925b97afe99459\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:  1385690 b5ec7f7b5a873a8bc6522ff58b006b5a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   301510 84e66c1848cc1884b260efc6429f557e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   950252 29c6d39aa6989a525debc31d71660cc1\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   434648 fc65b47658b425de6cb92b308e0318e3\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   358550 913c9e37290bc08cb7985d3a5e5360b8\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:  1105980 cc20687246cf71654c2fea70f969945d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   434536 f555cdc669c207a5f2af9f64c4dbf88e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   249950 e0e278d3653034caa1ad8114de8ce051\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   191178 9877b23f5a8fe9f632516e6cdab20a40\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   526646 e9e92e600aa1328cf692a412dc29d055\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   193812 47843986f43e46a087562dd1ae3a7c3d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   488660 c36397e3e28c3ed31eb1c270a5b31ed9\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   231170 7343c839b5db38cda03132a2e2f43fb2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   180112 d437359c6939bc126aca998a2e0a5670\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:  1197126 04fef360a0c48ea4cbd22b2275967f32\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   224326 e755b93bffaf5fb3d8c61633debcf667\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   214300 ba38e46a2c08f96758435687abc968ff\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   687194 fcc78e69f3a4bf1b53ae2aaaa0f7b1ef\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   164022 6bce2fe8f612b51469353c6a81f31777\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   172374 ed88c7ce6cbe8faa23d640b0c9261973\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   209892 58a5154d31b1b2d1345354b4ea289f3d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   180542 cd3659e44b98e761976991ec8aec1d2e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   180452 25765404e04171f9db00acbe1e1938e6\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   576880 78f5eb71aa6d98d757a8aa36609933e2\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   197788 63e02d933765075fda0163cd5f7b2123\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   198936 05e480a70d1637cf60e4b7d769e377b4\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   257746 1178c8bbf47a3da072a01387e26e4f71\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   171692 ae1e7545c18dedb65276509b967c3b6b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   172282 597d3b175e028585a432a5ea7624f759\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   202484 00900f13039ad238178deca2edada9a6\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   636288 93c9d7742151efee83b417616042de6f\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   349560 79cc1771215735324036f28543edd6ad\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:  1593378 f94fcfc6add222a9bd061ed107d3a982\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   187768 50dcdcc21ba681a47770f76e5bbbd16c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   182564 eb1e3b990359bf9311fbe1b2bf5fdab9\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   413646 53e01dc86afc8d574656110369553b29\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   171496 c902c4ef1ae92f8249b1208063582796\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   175374 65f2f8042c3ba6d65db970a43bab4569\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   239804 88239fd56881a45d163b45744bfae4b6\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   191184 b0da17e90d1610eca0cb66845558ddbe\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   173304 a9ee19c5bbba5e3c05d7628a09dc759e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   205894 34a3d56b36366c1622cced5e3d03bfdd\n    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   183436 94608dfa5b08da618b55044e2ff2aa56\n    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   276620 cbe760c213039314b7a8bebda37cbc38\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   158780 87774e3c0e9a3351f1df7df951920105\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   158836 63971433e37d9e530322279eca61a28e\n    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:  1716176 cee79d4795b2c9c83b705ff494a74ea7\n    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   316906 c5b68def10170acf30c3ead53e5baa14\n    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   530022 4abc93320924d134665914f0b002ca61\n    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   182340 49bc884ea1d6989ecc1c5b8924c597d3\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   330914 b78dc9299d93f5c68e13bbba2e5b1171\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:  1310732 5d50f31cf6d71e5ae49ebf694089f12d\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   730954 4b30d4bd8f54ba04bc79474206d24c20\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   368744 1a3fcaa2b38ab320f2cf780ae2fbb756\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:  1203426 77382920ec77dcc0fdc2d2111c367466\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   438364 a8f9aa44229d2c9d67bfd9e6c53edf14\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   158592 c7351256cd10ca93167a8fa2c420d8ce\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   851034 4b4ed34eacdff567696a351769e91dec\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   354328 66b68028c1ea212b0bcffa74ea31e314\n    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   235068 1d03c6ed8c54744dfab467051f886891\n    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:  1623514 d2c8a17cc4ea76ce0ea782b5ed2fa6d0\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   337220 f0680427e0457e75dbcaa5824fdcfade\n    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   521820 058676242c82729a321b28c9258f869a\n    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:   806406 b67e9bf1e1f71a3e39871efac1ef04ea\n    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_s390.deb\n      Size/MD5 checksum:  1766784 c5d15916eee193f599fa851ee4efaacb\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_s390.deb\n      Size/MD5 checksum:   112154 a2dfc1a42c434f2903ec9be068e12e30\n\n  Sun Sparc architecture:\n\n    http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   251120 6a6c6f03b37e811ae195469e72c6e38d\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   344048 8ba999289d750ba4ee049ed606ce7ebc\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   285098 013a125bd422e828d5f7b4b7caf2befe\n    http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   786826 23029fee14ae423f4a01757a7556f40f\n    http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   206034 e5bfb0235acab95832126c426d4daa22\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   200282 6d51ad473754375427be266be139cf4d\n    http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   283484 64378cbd6be7aeb6788f01da7cde5378\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   176924 90574aacc859e31a6835efde2c649563\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   180862 a148c29afba10d5e75403dea33ddea9d\n    http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   204844 6885ec3fcb260cd54c3b10d1a6b80e3e\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   711862 05c681c1d9aa606692192546991dc4c8\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:  9810500 96f9b7f647481a3a8cb07f3e589614b0\n    http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:  1365910 cea371314adc8346bc04d55145bf7132\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   279718 c8759a8f7ba115ae15dad96e66ff3d70\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   892056 f15e34ed247caeeade4397859e8c045e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   417428 ddd304994c35f2b11434cc57678b6200\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   331668 aa8c142b8af774f3fe2b1a9f9afe5336\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:  1026356 1e8d84afa56fa5a61685ff0b641774e5\n    http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   417338 7ade24d52608d946c225e5c4be803c3d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   247482 2d0dc48c46f5c0aaebedfd207699b801\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   187792 1d819fcd2fb687bbe116b6727326daac\n    http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   516558 8c7179f7202d40a5f60dfcddd9cced06\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   189846 bcc85d36bd7863444a561d6d0d7bc1bf\n    http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   478100 b381fe292a9fcb3aff5f54a3730c82ab\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   230528 d0e74daf0645f7a4d9e88988b4110f5a\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   178522 f797684b630c7b94837dfc064da221aa\n    http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:  1198574 a3fc69e423818ceb83036878952064af\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   219068 dac8cd1cd25927ab8ba3adb5b3c13d45\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   208188 e99b887c7a5210693174ea0453c4a095\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   673178 f8a305fff41a8fd3560ba9620d68a0cf\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   163184 1ef9674f59e1d452b3b375e3f6cc6ba4\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   171726 a42c22e71c8f79ad852b59c8833b5480\n    http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   208980 ee24eb25da955b1b835f4acad6029188\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   178962 fd22df9f1110413451eda040cf3d4215\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   177550 05f9333009b40b16a56a655261c4569e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   573766 fc89bff55941f16ba246471874de95bf\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   194160 e16fe3bc639b204b7121cb63fdb45558\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   195154 bc337cf9957de401de6ba90a6222f94d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   241360 9918a8f85df0c41a4d3ada958d916644\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   171148 bc8aad869f6c663b43a0aef73dc8019b\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   171376 0c7a75d8c7993858930cac664d7482a6\n    http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   200530 e4349aa63bd0681cf66fb531bda10396\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   627184 f4b4c4b5834940321c5fd95a2279e12d\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   330450 b93c2dfbebc8a8fcc2713e89ecda986c\n    http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:  1533278 46825c4c0c5d393de98774b47e719cd0\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   184926 46b30fe844b4c08a24b868d63dd3bd58\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   179508 1eaf0ae4cf87d5ff00b361e9a1cb6f38\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   410236 3564a0b2686f28cfe597c1cf97405627\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   170444 ccbcb0f2850701bfc6321c674a8b8ce6\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   174218 e5494fbdb588d2691c253c98d977ce4e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   237016 4260166015dd5ecf364af96fca04ecbb\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   190284 337d228e15acf2a7cf83026ba3b4bd4e\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   172002 6e0d484b45388a3f9e0265831750fbf4\n    http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   202836 43787cf76647ccd5cbd7b9197d6b420f\n    http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   181708 027d176b8b89cf2eecef08b3fa4b90be\n    http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   268224 12152b5bab3f6cce61aa19f9e05941ef\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   158632 68eda17dfb6d5846a93627748b1ad4cf\n    http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   158686 ec54e69cd4c1c82c623cc53978b22dd7\n    http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:  1934896 77a1064998455a2cc1c384ae8fdcce29\n    http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   307792 b181b2bdc84e8916e60676c8804d5173\n    http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   498726 08f1f092d52d0f0faea072db99079d0e\n    http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   180478 909f79a3f4a4302fb52cdb4f625de32c\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   706072 7bf7c05cbffb036433ec24a9f5006a77\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:  5583652 c58b16c2d860523368c0ee4624be4803\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   287114 01850d1ca580b4dfb0608f39306a4b91\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:  1253294 76575b58b1cb40b6c3f060b7c07412c2\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   706766 97f87cc7b482596307e4b95b34c38f2a\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   357804 a38bb604c839d14ec09d2cf74e781e64\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:  1110290 4fc9f2978c422f6771bea6531eaa106f\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   442180 5652768f439246c9e1c5ad68e1335520\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   158438 8c25fb31872381acd35354f91317c5a4\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   823038 85b8ebe6d2e4d633c6dab56666ce2f78\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   695786 0152e635b45f6c6878038ec796dc7cc4\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:  4596090 9318bd03402aff608c7cb1993a50fb90\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   863010 5d7a9b2b939bebd52b450235569449ac\n    http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   387526 0db93eab07feae51dc80ec0f785bfd66\n    http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   226286 bca8e3ba1abc54e535fc51e791ee23fb\n    http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:  1494844 492ef231edac7bf67969b425f325e095\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   336664 e6c981e1ebbba26892ab43b94e195c07\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:  5432244 6fb260dc0ce16280a897fb71143a5c16\n    http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum: 49725120 2cdd446c60eebcac976c770de31b696f\n    http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   508648 d2db70e93fa1a20b801869c2146770f9\n    http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:   920670 62b75897a9f1ef8fa41c4877615ea585\n    http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge3_sparc.deb\n      Size/MD5 checksum:  1626640 263daaa71644ff219841c835ca8c5f2b\n    http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_sparc.deb\n      Size/MD5 checksum:   101352 197681c30bb451093563cb9d9d380fcd\n\n  These files will probably be moved into the stable distribution on\n  its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.6 (GNU/Linux)\n\niD8DBQFGTMcnXm3vHE4uyloRAgwxAJ0ZNbdHNKMDBslDB+PDH+4REkBUIgCgqChe\ncG20nrUmt0Lbb++Dmcukkyo=\n=uFfR\n-----END PGP SIGNATURE-----\n\n\n\n\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability\n\niDefense Security Advisory 04.03.07\nhttp://labs.idefense.com/intelligence/vulnerabilities/\nApr 03, 2007\n\nI. BACKGROUND\n\nThe X Window System (or X11) is a graphical windowing system used on\nUnix-like systems. It is based on a client/server model. More\ninformation about about The X Window system is available at the\nfollowing URL. \n\nhttp://en.wikipedia.org/wiki/X_Window_System\n\nII. DESCRIPTION\n\nLocal exploitation of an integer overflow vulnerability in multiple\nvendors\u0027 implementations of the X Window System server BDF font parsing\ncomponent could allow execution of arbitrary commands with elevated\nprivileges. \n\nThe vulnerability specifically exists in the parsing of BDF fonts. \n\nIII. \n\nAs the X11 server requires direct access to video hardware, it runs with\nelevated privileges. A user compromising an X server would gain those\npermissions. \n\nIn order to exploit this vulnerability, an attacker would need to be\nable to cause the X server to use a maliciously constructed font. The\nX11 server contains multiple methods for a user to define additional\npaths to look for fonts. An exploit has been developed using the \"-fp\"\ncommand line option to the X11 server to pass the location of the\nattack to the server. It is also possible to use \"xset\" command with\nthe \"fp\" option to perform an attack on an already running server. \n\nSome distributions allow users to start the X11 server only if they are\nlogged on at the console, while others will allow any user to start it. \n\nAttempts at exploiting this vulnerability may put the console into an\nunusable state. This will not prevent repeated exploitation attempts. \n\nIV. DETECTION\n\niDefense has confirmed the existence of this vulnerability in X.Org\nX11R7.1. Older versions are suspected to be vulnerable. Additionally,\nit is reported that the freetype library is also vulnerable. \n\nV. WORKAROUND\n\niDefense is currently unaware of any effective workaround for this\nissue. \n\nVI. VENDOR RESPONSE\n\nThe X.Org Foundation has addressed this vulnerability with source code\npatches. More information can be found from their advisory at the\nfollowing URL. \n\nhttp://lists.freedesktop.org/archives/xorg-announce/2007-april/0286.html\n\nThe freetype developers have committed a fix for this issue to their CVS\nrepository. Future releases will contain this fix. \n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nname CVE-2007-1351 to this issue. This is a candidate for inclusion in\nthe CVE list (http://cve.mitre.org/), which standardizes names for\nsecurity problems. \n\nVIII. DISCLOSURE TIMELINE\n\n02/21/2007  Initial vendor notification\n03/28/2007  Initial vendor response\n04/03/2007  Coordinated public disclosure\n\nIX. CREDIT\n\nThis vulnerability was discovered by Greg MacManus of iDefense Labs. \n\nGet paid for vulnerability research\nhttp://labs.idefense.com/methodology/vulnerability/vcp.php\n\nFree tools, research and upcoming events\nhttp://labs.idefense.com/\n\nX. LEGAL NOTICES\n\nCopyright \\xa9 2007 iDefense, Inc. \n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDefense. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically,\nplease e-mail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \n There are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct,\nindirect, or consequential loss or damage arising from use of, or\nreliance on, this information",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-1351"
      },
      {
        "db": "BID",
        "id": "23402"
      },
      {
        "db": "VULHUB",
        "id": "VHN-24713"
      },
      {
        "db": "VULMON",
        "id": "CVE-2007-1351"
      },
      {
        "db": "PACKETSTORM",
        "id": "62369"
      },
      {
        "db": "PACKETSTORM",
        "id": "56596"
      },
      {
        "db": "PACKETSTORM",
        "id": "55673"
      },
      {
        "db": "PACKETSTORM",
        "id": "55597"
      },
      {
        "db": "PACKETSTORM",
        "id": "55672"
      },
      {
        "db": "PACKETSTORM",
        "id": "56851"
      },
      {
        "db": "PACKETSTORM",
        "id": "55598"
      }
    ],
    "trust": 1.98
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-24713",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-24713"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2007-1351",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "23402",
        "trust": 2.1
      },
      {
        "db": "SECUNIA",
        "id": "24996",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "24768",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "24791",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "24921",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "25004",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "24758",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "24772",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "24745",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "24770",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "24776",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "24885",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "25006",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "24741",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "24765",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "24889",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "24756",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "24771",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "33937",
        "trust": 1.8
      },
      {
        "db": "BID",
        "id": "23283",
        "trust": 1.8
      },
      {
        "db": "BID",
        "id": "23300",
        "trust": 1.8
      },
      {
        "db": "VUPEN",
        "id": "ADV-2007-1264",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2007-1548",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2007-1217",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1017857",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "25195",
        "trust": 1.2
      },
      {
        "db": "SECUNIA",
        "id": "30161",
        "trust": 1.2
      },
      {
        "db": "SECUNIA",
        "id": "25495",
        "trust": 1.2
      },
      {
        "db": "SECUNIA",
        "id": "25096",
        "trust": 1.2
      },
      {
        "db": "SECUNIA",
        "id": "25305",
        "trust": 1.2
      },
      {
        "db": "SECUNIA",
        "id": "25216",
        "trust": 1.2
      },
      {
        "db": "SECUNIA",
        "id": "28333",
        "trust": 1.2
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200704-102",
        "trust": 0.7
      },
      {
        "db": "BUGTRAQ",
        "id": "20070405 FLEA-2007-0009-1: XORG-X11 FREETYPE",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20070404 RPSA-2007-0065-1 FREETYPE XORG-X11 XORG-X11-FONTS XORG-X11-TOOLS XORG-X11-XFS",
        "trust": 0.6
      },
      {
        "db": "TRUSTIX",
        "id": "2007-0013",
        "trust": 0.6
      },
      {
        "db": "SUSE",
        "id": "SUSE-SR:2007:006",
        "trust": 0.6
      },
      {
        "db": "SUSE",
        "id": "SUSE-SA:2007:027",
        "trust": 0.6
      },
      {
        "db": "OPENBSD",
        "id": "[3.9] 021: SECURITY FIX: APRIL 4, 2007",
        "trust": 0.6
      },
      {
        "db": "OPENBSD",
        "id": "[4.0] 011: SECURITY FIX: APRIL 4, 2007",
        "trust": 0.6
      },
      {
        "db": "GENTOO",
        "id": "GLSA-200705-02",
        "trust": 0.6
      },
      {
        "db": "GENTOO",
        "id": "GLSA-200705-10",
        "trust": 0.6
      },
      {
        "db": "SLACKWARE",
        "id": "SSA:2007-109-01",
        "trust": 0.6
      },
      {
        "db": "MLIST",
        "id": "[XORG-ANN",
        "trust": 0.6
      },
      {
        "db": "REDHAT",
        "id": "RHSA-2007:0125",
        "trust": 0.6
      },
      {
        "db": "REDHAT",
        "id": "RHSA-2007:0132",
        "trust": 0.6
      },
      {
        "db": "REDHAT",
        "id": "RHSA-2007:0150",
        "trust": 0.6
      },
      {
        "db": "REDHAT",
        "id": "RHSA-2007:0126",
        "trust": 0.6
      },
      {
        "db": "UBUNTU",
        "id": "USN-448-1",
        "trust": 0.6
      },
      {
        "db": "SUNALERT",
        "id": "102886",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "33417",
        "trust": 0.6
      },
      {
        "db": "IDEFENSE",
        "id": "20070403 MULTIPLE VENDOR X SERVER BDF FONT PARSING INTEGER OVERFLOW VULNERABILITY",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "55673",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "55598",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "62369",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "56410",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "55838",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-24713",
        "trust": 0.1
      },
      {
        "db": "VUPEN",
        "id": "2007/1264",
        "trust": 0.1
      },
      {
        "db": "VUPEN",
        "id": "2007/1217",
        "trust": 0.1
      },
      {
        "db": "VUPEN",
        "id": "2007/1548",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2007-1351",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "56596",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "55597",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "55672",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "56851",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-24713"
      },
      {
        "db": "VULMON",
        "id": "CVE-2007-1351"
      },
      {
        "db": "BID",
        "id": "23402"
      },
      {
        "db": "PACKETSTORM",
        "id": "62369"
      },
      {
        "db": "PACKETSTORM",
        "id": "56596"
      },
      {
        "db": "PACKETSTORM",
        "id": "55673"
      },
      {
        "db": "PACKETSTORM",
        "id": "55597"
      },
      {
        "db": "PACKETSTORM",
        "id": "55672"
      },
      {
        "db": "PACKETSTORM",
        "id": "56851"
      },
      {
        "db": "PACKETSTORM",
        "id": "55598"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200704-102"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1351"
      }
    ]
  },
  "id": "VAR-200704-0737",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-24713"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-07-23T20:10:50.319000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Debian CVElist Bug Report Logs: CVE-2007-1351 bdf font overflows",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=68f0e9026ab7dd9497e5994c8d2f5f54"
      },
      {
        "title": "Debian Security Advisories: DSA-1454-1 freetype -- integer overflow",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=beceb2ff64340c384ed8cd47e0308911"
      },
      {
        "title": "Ubuntu Security Notice: freetype, libxfont, xorg, xorg-server vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-448-1"
      },
      {
        "title": "Debian Security Advisories: DSA-1294-1 xfree86 -- several vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=be53ababa489c9b6bdb9d0399332f169"
      },
      {
        "title": "VMware Security Advisories: Updated Service Console packages (XFree86, UP and SMP kernels, Kerberos libraries) resolve security issues.",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=583d15c673c91b6620d123d9baa3e726"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2007-1351"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-189",
        "trust": 1.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-24713"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1351"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.9,
        "url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
      },
      {
        "trust": 1.8,
        "url": "http://www.securityfocus.com/bid/23283"
      },
      {
        "trust": 1.8,
        "url": "http://www.securityfocus.com/bid/23300"
      },
      {
        "trust": 1.8,
        "url": "http://www.securityfocus.com/bid/23402"
      },
      {
        "trust": 1.8,
        "url": "http://sourceforge.net/project/shownotes.php?release_id=498954"
      },
      {
        "trust": 1.8,
        "url": "http://support.apple.com/kb/ht3438"
      },
      {
        "trust": 1.8,
        "url": "https://issues.rpath.com/browse/rpl-1213"
      },
      {
        "trust": 1.8,
        "url": "http://security.gentoo.org/glsa/glsa-200705-02.xml"
      },
      {
        "trust": 1.8,
        "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501"
      },
      {
        "trust": 1.8,
        "url": "http://www.openbsd.org/errata39.html#021_xorg"
      },
      {
        "trust": 1.8,
        "url": "http://www.openbsd.org/errata40.html#011_xorg"
      },
      {
        "trust": 1.8,
        "url": "http://rhn.redhat.com/errata/rhsa-2007-0125.html"
      },
      {
        "trust": 1.8,
        "url": "http://www.redhat.com/support/errata/rhsa-2007-0126.html"
      },
      {
        "trust": 1.8,
        "url": "http://www.redhat.com/support/errata/rhsa-2007-0132.html"
      },
      {
        "trust": 1.8,
        "url": "http://www.redhat.com/support/errata/rhsa-2007-0150.html"
      },
      {
        "trust": 1.8,
        "url": "http://www.securitytracker.com/id?1017857"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/24741"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/24745"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/24756"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/24758"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/24765"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/24768"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/24770"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/24771"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/24772"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/24776"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/24791"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/24885"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/24889"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/24921"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/24996"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/25004"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/25006"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/33937"
      },
      {
        "trust": 1.8,
        "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
      },
      {
        "trust": 1.8,
        "url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
      },
      {
        "trust": 1.8,
        "url": "http://www.novell.com/linux/security/advisories/2007_6_sr.html"
      },
      {
        "trust": 1.8,
        "url": "http://www.trustix.org/errata/2007/0013/"
      },
      {
        "trust": 1.8,
        "url": "http://www.ubuntu.com/usn/usn-448-1"
      },
      {
        "trust": 1.7,
        "url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=498954"
      },
      {
        "trust": 1.7,
        "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.626733"
      },
      {
        "trust": 1.2,
        "url": "http://lists.apple.com/archives/security-announce/2007/nov/msg00003.html"
      },
      {
        "trust": 1.2,
        "url": "http://lists.apple.com/archives/security-announce/2009/feb/msg00000.html"
      },
      {
        "trust": 1.2,
        "url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
      },
      {
        "trust": 1.2,
        "url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
      },
      {
        "trust": 1.2,
        "url": "http://issues.foresightlinux.org/browse/fl-223"
      },
      {
        "trust": 1.2,
        "url": "http://support.avaya.com/elmodocs2/security/asa-2007-178.htm"
      },
      {
        "trust": 1.2,
        "url": "http://support.avaya.com/elmodocs2/security/asa-2007-193.htm"
      },
      {
        "trust": 1.2,
        "url": "http://www.debian.org/security/2007/dsa-1294"
      },
      {
        "trust": 1.2,
        "url": "http://www.debian.org/security/2008/dsa-1454"
      },
      {
        "trust": 1.2,
        "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
      },
      {
        "trust": 1.2,
        "url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:079"
      },
      {
        "trust": 1.2,
        "url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:080"
      },
      {
        "trust": 1.2,
        "url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:081"
      },
      {
        "trust": 1.2,
        "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-april/000286.html"
      },
      {
        "trust": 1.2,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11266"
      },
      {
        "trust": 1.2,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1810"
      },
      {
        "trust": 1.2,
        "url": "http://secunia.com/advisories/25096"
      },
      {
        "trust": 1.2,
        "url": "http://secunia.com/advisories/25195"
      },
      {
        "trust": 1.2,
        "url": "http://secunia.com/advisories/25216"
      },
      {
        "trust": 1.2,
        "url": "http://secunia.com/advisories/25305"
      },
      {
        "trust": 1.2,
        "url": "http://secunia.com/advisories/25495"
      },
      {
        "trust": 1.2,
        "url": "http://secunia.com/advisories/28333"
      },
      {
        "trust": 1.2,
        "url": "http://secunia.com/advisories/30161"
      },
      {
        "trust": 1.2,
        "url": "http://www.vupen.com/english/advisories/2007/1217"
      },
      {
        "trust": 1.2,
        "url": "http://www.vupen.com/english/advisories/2007/1264"
      },
      {
        "trust": 1.2,
        "url": "http://www.vupen.com/english/advisories/2007/1548"
      },
      {
        "trust": 1.2,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33417"
      },
      {
        "trust": 0.7,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-1351"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/33417"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/464816/100/0/threaded"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/464686/100/0/threaded"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2007/1548"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2007/1264"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2007/1217"
      },
      {
        "trust": 0.4,
        "url": "http://secunia.com/"
      },
      {
        "trust": 0.4,
        "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-1352"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-1003"
      },
      {
        "trust": 0.3,
        "url": "http://www.freetype.org/"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/465255"
      },
      {
        "trust": 0.3,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1351"
      },
      {
        "trust": 0.2,
        "url": "http://www.debian.org/security/faq"
      },
      {
        "trust": 0.2,
        "url": "http://packages.debian.org/\u003cpkg\u003e"
      },
      {
        "trust": 0.2,
        "url": "http://security.debian.org/"
      },
      {
        "trust": 0.2,
        "url": "http://www.debian.org/security/"
      },
      {
        "trust": 0.2,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1352"
      },
      {
        "trust": 0.2,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1003"
      },
      {
        "trust": 0.2,
        "url": "http://www.mandriva.com/security/"
      },
      {
        "trust": 0.2,
        "url": "http://www.mandriva.com/security/advisories"
      },
      {
        "trust": 0.1,
        "url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026amp;release_id=498954"
      },
      {
        "trust": 0.1,
        "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2007\u0026amp;m=slackware-security.626733"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/189.html"
      },
      {
        "trust": 0.1,
        "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426771"
      },
      {
        "trust": 0.1,
        "url": "https://www.debian.org/security/./dsa-1454"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/448-1/"
      },
      {
        "trust": 0.1,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=13014"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch2_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch2_sparc.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch2_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/freetype_2.2.1-5+etch2.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/freetype_2.2.1.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch2_arm.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch2_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch2_i386.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch2_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch2_mipsel.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch2_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch2_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch2_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch2_amd64.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch2_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch2_s390.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch2_ia64.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch2_hppa.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch2_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch2_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch2_mips.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch2_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch2_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch2_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch2_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch2_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.2.1-5+etch2_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch2_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch2_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch2_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch2_powerpc.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.2.1-5+etch2_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.2.1-5+etch2_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/freetype_2.2.1-5+etch2.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch2_alpha.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://bugs.gentoo.org."
      },
      {
        "trust": 0.1,
        "url": "http://creativecommons.org/licenses/by-sa/2.5"
      },
      {
        "trust": 0.1,
        "url": "http://security.gentoo.org/"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-kbd_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-wacom_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xvfb_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.2.1-5ubuntu0.1_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.0.2-0ubuntu10.6_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-dbg_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-digitaledge_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-fbdev_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.2.1-5ubuntu0.1_sparc.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_0.99.0+cvs.20050909-1.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-common_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-hyperpen_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-trident_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glint_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sis_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-spaceorb_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xorg_6.8.2.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-tek4957_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ark_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-core_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-siliconmotion_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3virge_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-summa_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-void_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-fpit_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-v4l_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.3_sparc.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xbase-clients_6.8.2-77.3_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-core_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-chips_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-calcomp_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.2.0-0ubuntu3.1_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10-1ubuntu2.3.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7-2.4ubuntu1.3.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sis_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-imstt_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-suncg6_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.0.0-0ubuntu3.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-suntcx_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.0.0-0ubuntu3.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xutils_6.8.2-77.3_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-v4l_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-rendition_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7-2.4ubuntu1.3.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dmc_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xorg_6.8.2-77.3.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mouse_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.2.1-5ubuntu0.1_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.2.0-0ubuntu3.1_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.2.1-5ubuntu0.1_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-palmax_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-wacom_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.2.0-0ubuntu3.1_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-fpit_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs_6.8.2-77.3_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-aiptek_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dmc_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-citron_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vga_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.2.0-0ubuntu3.1.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xserver-xephyr_1.1.1-0ubuntu12.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-v4l_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-acecad_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tdfx_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-apm_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.0.0.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.0.2-0ubuntu10.6_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_0.99.0+cvs.20050909-1.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-core_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.1.1-0ubuntu12.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdmx_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.2.1-5ubuntu0.1_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-apm_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.1.1-0ubuntu12.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.1.1-0ubuntu12.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cirrus_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xserver-xephyr_1.1.1-0ubuntu12.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nv_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mouse_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-aiptek_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.3_powerpc.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glide_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ati_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-trident_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nv_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mouse_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nv_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-mga_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mutouch_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-fpit_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.0.2-0ubuntu10.6_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.2.1-5ubuntu0.1_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_0.99.0+cvs.20050909.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.2.1-5ubuntu0.1_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-summa_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-void_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.2.1-5ubuntu0.1_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-tek4957_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vga_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.0.2-0ubuntu10.6_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.1.1-0ubuntu12.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xnest_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-wacom_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-data_6.8.2-77.3_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.0.2-0ubuntu10.6_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.0.2-0ubuntu10.6_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.0.0-0ubuntu3.3.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_0.99.0+cvs.20050909-1.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ark_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3virge_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.2.1.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.0.2-0ubuntu10.6_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_0.99.0+cvs.20050909-1.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.1.1-0ubuntu12.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.2.0-0ubuntu3.1_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-magellan_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ati_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-mga_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-acecad_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.1.1-0ubuntu12.2.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dmc_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-chips_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-wacom_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ati_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-savage_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdmx_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tseng_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-chips_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.3_powerpc.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.0.2-0ubuntu10.6.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-elographics_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vga_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-rendition_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-spaceorb_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_0.99.0+cvs.20050909-1.3.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-kbd_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.1.1-0ubuntu12.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.2.0-0ubuntu3.1_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.2.0-0ubuntu3.1_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.3_i386.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nsc_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-core_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.2.1-5ubuntu0.1_i386.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.0.2-0ubuntu10.6_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.2.0-0ubuntu3.1_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-suncg3_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-rendition_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-common_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.0.0-0ubuntu3.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-dev_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-dbg_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.0.2-0ubuntu10.6_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_0.99.0+cvs.20050909-1.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-aiptek_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-fpit_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.1.1-0ubuntu12.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i128_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-neomagic_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.0.2-0ubuntu10.6_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-tek4957_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sunbw2_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-savage_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.2.1-5ubuntu0.1_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i810_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.1.1-0ubuntu12.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-common_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-calcomp_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-neomagic_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vga_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-citron_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-hyperpen_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-imstt_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-kbd_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-dev_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sunffb_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-void_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-spaceorb_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xvfb_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.0.2-0ubuntu10.6_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mutouch_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-dbg_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tdfx_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xserver-xephyr_1.1.1-0ubuntu12.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-dbg_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.1.1-0ubuntu12.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-trident_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-acecad_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glint_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-dev_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-pic_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.0.2-0ubuntu10.6_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.1.1-0ubuntu12.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.1.1-0ubuntu12.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tga_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.0.2-0ubuntu10.6_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.2.0-0ubuntu3.1.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tdfx_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.2.0-0ubuntu3.1_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-nv_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-kbd_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glint_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.2.1-5ubuntu0.1_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i128_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_0.99.0+cvs.20050909-1.3.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-calcomp_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.0.0-0ubuntu3.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-fbdev_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xorg-common_6.8.2-77.3_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ark_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xnest_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-newport_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-common_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-siliconmotion_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mutouch_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-calcomp_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.0.2-0ubuntu10.6_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xorg_6.8.2-77.3.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-core_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-newport_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-magellan_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.3_i386.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.0.2-0ubuntu10.6_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-citron_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dynapro_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-pic_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.0.2-0ubuntu10.6.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.2.0.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.2.0-0ubuntu3.1_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdmx_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-hyperpen_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i740_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.0.0-0ubuntu3.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.0.0-0ubuntu3.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.1.1.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.1.1-0ubuntu12.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-hyperpen_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-microtouch_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-trident_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-dev_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.2.0-0ubuntu3.1_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.1.1-0ubuntu12.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.2.1-5ubuntu0.1_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vesa_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tdfx_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-summa_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i740_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xvfb_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-ati_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vmware_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-tek4957_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.1.1-0ubuntu12.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-digitaledge_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-fbdev_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_0.99.0+cvs.20050909-1.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.0.2-0ubuntu10.6_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.0.0-0ubuntu3.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i128_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tga_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.0.0-0ubuntu3.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3virge_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-v4l_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.3_amd64.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-imstt_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-void_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_0.99.0+cvs.20050909-1.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-mga_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.2.1-5ubuntu0.1_amd64.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.0.0-0ubuntu3.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-penmount_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-dev_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.3_sparc.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.1.1-0ubuntu12.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.0.2.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-suncg14_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-penmount_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.0.0-0ubuntu3.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mouse_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.0.2-0ubuntu10.6_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.1.1-0ubuntu12.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sis_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.0.2-0ubuntu10.6_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-penmount_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.1.1-0ubuntu12.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xnest_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-digitaledge_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.0.2-0ubuntu10.6_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-microtouch_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dynapro_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cyrix_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-aiptek_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.0.2-0ubuntu10.6_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-palmax_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-elographics_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_0.99.0+cvs.20050909-1.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-i810_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10-1ubuntu2.3.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-via_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_0.99.0+cvs.20050909-1.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-magellan_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.2.1-5ubuntu0.1_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.1.1-0ubuntu12.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.2.1-5ubuntu0.1.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_0.99.0+cvs.20050909-1.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.1.1-0ubuntu12.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-citron_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xserver-xephyr_1.1.1-0ubuntu12.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-dev_1.0.2-0ubuntu10.6_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dynapro_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont_1.0.0-0ubuntu3.3.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-dev_6.8.2-77.3_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-microtouch_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-dev_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-palmax_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cirrus_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-spaceorb_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-siliconmotion_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-chips_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-dummy_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.1.1-0ubuntu12.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-summa_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-dev_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-sunleo_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-core_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.1.1-0ubuntu12.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-dev_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.2.1-5ubuntu0.1_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cyrix_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-dummy_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-pic_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-palmax_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.2.1-5ubuntu0.1_powerpc.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.2.1-5ubuntu0.1.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-cirrus_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-dummy_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vesa_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.0.0-0ubuntu3.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dynapro_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-neomagic_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_1.2.0-0ubuntu3.1_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-savage_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_0.99.0+cvs.20050909-1.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xvfb_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-mutouch_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg/xdmx_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xserver-xorg-core_1.1.1-0ubuntu12.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-penmount_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-fbdev_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-magellan_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-elographics_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.0.2-0ubuntu10.6_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tga_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1_0.99.0+cvs.20050909-1.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xorg-server_1.1.1-0ubuntu12.2.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-apm_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-tseng_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-glint_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-digitaledge_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xnest_1.0.2-0ubuntu10.6_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vmware_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.3_amd64.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx-tools_1.1.1-0ubuntu12.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-s3virge_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xorg-server/xdmx_1.1.1-0ubuntu12.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-elographics_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont1-dbg_1.2.0-0ubuntu3.1_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libx/libxfont/libxfont-dev_1.0.0-0ubuntu3.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-core_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/x-window-system-core_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-vesa_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-dmc_6.8.2-77.3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xlibs-static-pic_6.8.2-77.3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-mga_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xnest_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg-server/xvfb_1.0.2-0ubuntu10.6_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-driver-savage_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-microtouch_6.8.2-77.3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/x/xorg/xserver-xorg-input-acecad_6.8.2-77.3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dbg_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfonts-scalable_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3-dbg_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfonts-cyrillic_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-data_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi-transcoded_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-1667"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/pm-dev_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi-transcoded_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1-14sarge4.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base-transcoded_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-dev_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dev_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-dev_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/twm_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfwp_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-pic_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.3.0.dfsg.1-14sarge4.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfree86-common_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm6_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xspecs_4.3.0.dfsg.1-14sarge4_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xfs_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/r/rdesktop/rdesktop_1.4.0-2sarge1_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps1_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibosmesa4_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xnest_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxt6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xutils_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv1_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/lbxproxy_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/proxymngr_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xterm_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libdps-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xdm_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge4_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libsm-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa3_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtrap6_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxp-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxi6_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_m68k.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmu6_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xvfb_4.3.0.dfsg.1-14sarge4_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxft1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxtst6_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libx11-6_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/x-window-system-core_4.3.0.dfsg.1-14sarge4_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xmh_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxext-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxv-dev_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw7-dev_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xbase-clients_4.3.0.dfsg.1-14sarge4_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libice6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxmuu1_4.3.0.dfsg.1-14sarge4_mips.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/libxpm-dev_4.3.0.dfsg.1-14sarge4_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xserver-common_4.3.0.dfsg.1-14sarge4_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/x/xfree86/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/),"
      },
      {
        "trust": 0.1,
        "url": "http://labs.idefense.com/"
      },
      {
        "trust": 0.1,
        "url": "http://labs.idefense.com/intelligence/vulnerabilities/"
      },
      {
        "trust": 0.1,
        "url": "http://en.wikipedia.org/wiki/x_window_system"
      },
      {
        "trust": 0.1,
        "url": "http://labs.idefense.com/methodology/vulnerability/vcp.php"
      },
      {
        "trust": 0.1,
        "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-april/0286.html"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-24713"
      },
      {
        "db": "VULMON",
        "id": "CVE-2007-1351"
      },
      {
        "db": "BID",
        "id": "23402"
      },
      {
        "db": "PACKETSTORM",
        "id": "62369"
      },
      {
        "db": "PACKETSTORM",
        "id": "56596"
      },
      {
        "db": "PACKETSTORM",
        "id": "55673"
      },
      {
        "db": "PACKETSTORM",
        "id": "55597"
      },
      {
        "db": "PACKETSTORM",
        "id": "55672"
      },
      {
        "db": "PACKETSTORM",
        "id": "56851"
      },
      {
        "db": "PACKETSTORM",
        "id": "55598"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200704-102"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1351"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-24713"
      },
      {
        "db": "VULMON",
        "id": "CVE-2007-1351"
      },
      {
        "db": "BID",
        "id": "23402"
      },
      {
        "db": "PACKETSTORM",
        "id": "62369"
      },
      {
        "db": "PACKETSTORM",
        "id": "56596"
      },
      {
        "db": "PACKETSTORM",
        "id": "55673"
      },
      {
        "db": "PACKETSTORM",
        "id": "55597"
      },
      {
        "db": "PACKETSTORM",
        "id": "55672"
      },
      {
        "db": "PACKETSTORM",
        "id": "56851"
      },
      {
        "db": "PACKETSTORM",
        "id": "55598"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200704-102"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-1351"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2007-04-06T00:00:00",
        "db": "VULHUB",
        "id": "VHN-24713"
      },
      {
        "date": "2007-04-06T00:00:00",
        "db": "VULMON",
        "id": "CVE-2007-1351"
      },
      {
        "date": "2007-04-10T00:00:00",
        "db": "BID",
        "id": "23402"
      },
      {
        "date": "2008-01-07T19:39:25",
        "db": "PACKETSTORM",
        "id": "62369"
      },
      {
        "date": "2007-05-10T00:58:06",
        "db": "PACKETSTORM",
        "id": "56596"
      },
      {
        "date": "2007-04-05T06:50:57",
        "db": "PACKETSTORM",
        "id": "55673"
      },
      {
        "date": "2007-04-05T00:54:35",
        "db": "PACKETSTORM",
        "id": "55597"
      },
      {
        "date": "2007-04-05T06:50:16",
        "db": "PACKETSTORM",
        "id": "55672"
      },
      {
        "date": "2007-05-21T03:53:03",
        "db": "PACKETSTORM",
        "id": "56851"
      },
      {
        "date": "2007-04-05T00:58:56",
        "db": "PACKETSTORM",
        "id": "55598"
      },
      {
        "date": "2007-04-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200704-102"
      },
      {
        "date": "2007-04-06T01:19:00",
        "db": "NVD",
        "id": "CVE-2007-1351"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-16T00:00:00",
        "db": "VULHUB",
        "id": "VHN-24713"
      },
      {
        "date": "2018-10-16T00:00:00",
        "db": "VULMON",
        "id": "CVE-2007-1351"
      },
      {
        "date": "2007-05-10T15:49:00",
        "db": "BID",
        "id": "23402"
      },
      {
        "date": "2009-08-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200704-102"
      },
      {
        "date": "2018-10-16T16:38:01.957000",
        "db": "NVD",
        "id": "CVE-2007-1351"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "23402"
      },
      {
        "db": "PACKETSTORM",
        "id": "56596"
      },
      {
        "db": "PACKETSTORM",
        "id": "55673"
      },
      {
        "db": "PACKETSTORM",
        "id": "55672"
      },
      {
        "db": "PACKETSTORM",
        "id": "55598"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "X.Org LibXFont Multiple integer overflow vulnerabilities",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200704-102"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "digital error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200704-102"
      }
    ],
    "trust": 0.6
  }
}