SUSE-SU-2016:1784-1

Опубликовано: 11 июл. 2016

Источник: suse-cvrf

Описание

Security update for ImageMagick

ImageMagick was updated to fix 66 security issues.

These security issues were fixed:

CVE-2014-9810: SEGV in dpx file handler. (bsc#983803).
CVE-2014-9811: Crash in xwd file handler (bsc#984032).
CVE-2014-9812: NULL pointer dereference in ps file handling (bsc#984137).
CVE-2014-9813: Crash on corrupted viff file (bsc#984035).
CVE-2014-9814: NULL pointer dereference in wpg file handling (bsc#984193).
CVE-2014-9815: Crash on corrupted wpg file (bsc#984372).
CVE-2014-9816: Out of bound access in viff image (bsc#984398).
CVE-2014-9817: Heap buffer overflow in pdb file handling (bsc#984400).
CVE-2014-9818: Out of bound access on malformed sun file (bsc#984181).
CVE-2014-9819: Heap overflow in palm files (bsc#984142).
CVE-2014-9830: Handling of corrupted sun file (bsc#984135).
CVE-2014-9831: Handling of corrupted wpg file (bsc#984375).
CVE-2014-9850: Incorrect thread limit logic (bsc#984149).
CVE-2014-9851: Crash when parsing resource block (bsc#984160).
CVE-2014-9852: Incorrect usage of object after it has been destroyed (bsc#984191).
CVE-2014-9853: Memory leak in rle file handling (bsc#984408).
CVE-2015-8902: PDB file DoS (CPU consumption) (bsc#983253).
CVE-2015-8903: Denial of service (cpu) in vicar (bsc#983259).
CVE-2015-8900: HDR file DoS (endless loop) (bsc#983232).
CVE-2015-8901: MIFF file DoS (endless loop) (bsc#983234).
CVE-2016-5688: Various invalid memory reads in ImageMagick WPG (bsc#985442).
CVE-2014-9834: Heap overflow in pict file (bsc#984436).
CVE-2014-9806: Prevent leak of file descriptor due to corrupted file. (bsc#983774).
CVE-2016-5687: Out of bounds read in DDS coder (bsc#985448).
CVE-2014-9838: Out of memory crash in magick/cache.c (bsc#984370).
CVE-2014-9854: Filling memory during identification of TIFF image (bsc#984184).
CVE-2015-8898: Prevent null pointer access in magick/constitute.c (bsc#983746).
CVE-2014-9833: Heap overflow in psd file (bsc#984406).
CVE-2015-8894: Double free in coders/tga.c:221 (bsc#983523).
CVE-2015-8895: Integer and Buffer overflow in coders/icon.c (bsc#983527).
CVE-2015-8896: Double free / integer truncation issue in coders/pict.c:2000 (bsc#983533).
CVE-2015-8897: Out of bounds error in SpliceImage (bsc#983739).
CVE-2016-5690: Bad foor loop in DCM coder (bsc#985451).
CVE-2016-5691: Checks for pixel.red/green/blue in dcm coder (bsc#985456).
CVE-2014-9836: Crash in xpm file handling (bsc#984023).
CVE-2014-9808: SEGV due to corrupted dpc images. (bsc#983796).
CVE-2014-9821: Avoid heap overflow in pnm files. (bsc#984014).
CVE-2014-9820: Heap overflow in xpm files (bsc#984150).
CVE-2014-9823: Heap overflow in palm file (bsc#984401).
CVE-2014-9822: Heap overflow in quantum file (bsc#984187).
CVE-2014-9825: Heap overflow in corrupted psd file (bsc#984427).
CVE-2014-9824: Heap overflow in psd file (bsc#984185).
CVE-2014-9809: SEGV due to corrupted xwd images. (bsc#983799).
CVE-2014-9826: Incorrect error handling in sun files (bsc#984186).
CVE-2014-9843: Incorrect boundary checks in DecodePSDPixels (bsc#984179).
CVE-2014-9842: Memory leak in psd handling (bsc#984374).
CVE-2014-9841: Throwing of exceptions in psd handling (bsc#984172).
CVE-2014-9840: Out of bound access in palm file (bsc#984433).
CVE-2014-9847: Incorrect handling of 'previous' image in the JNG decoder (bsc#984144).
CVE-2014-9846: Added checks to prevent overflow in rle file. (bsc#983521).
CVE-2014-9845: Crash due to corrupted dib file (bsc#984394).
CVE-2014-9844: Out of bound issue in rle file (bsc#984373).
CVE-2014-9849: Crash in png coder (bsc#984018).
CVE-2014-9848: Memory leak in quantum management (bsc#984404).
CVE-2014-9807: Double free in pdb coder. (bsc#983794).
CVE-2014-9829: Out of bound access in sun file (bsc#984409).
CVE-2014-9832: Heap overflow in pcx file (bsc#984183).
CVE-2014-9805: SEGV due to a corrupted pnm file. (bsc#983752).
CVE-2016-4564: The DrawImage function in MagickCore/draw.c in ImageMagick made an incorrect function call in attempting to locate the next token, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983308).
CVE-2016-4563: The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick mishandled the relationship between the BezierQuantum value and certain strokes data, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983305).
CVE-2016-4562: The DrawDashPolygon function in MagickCore/draw.c in ImageMagick mishandled calculations of certain vertices integer data, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983292).
CVE-2014-9839: Theoretical out of bound access in magick/colormap-private.h (bsc#984379).
CVE-2016-5689: NULL ptr dereference in dcm coder (bsc#985460).
CVE-2014-9837: Additional PNM sanity checks (bsc#984166).
CVE-2014-9835: Heap overflow in wpf file (bsc#984145).
CVE-2014-9828: Corrupted (too many colors) psd file (bsc#984028).
CVE-2016-5841: Integer overflow could have read to RCE (bnc#986609).
CVE-2016-5842: Out-of-bounds read in MagickCore/property.c:1396 could have lead to memory leak (bnc#986608).

Список пакетов

SUSE Linux Enterprise Desktop 12 SP1

ImageMagick-6.8.8.1-30.2

libMagick++-6_Q16-3-6.8.8.1-30.2

libMagickCore-6_Q16-1-6.8.8.1-30.2

libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

libMagickWand-6_Q16-1-6.8.8.1-30.2

SUSE Linux Enterprise Server 12 SP1

libMagickCore-6_Q16-1-6.8.8.1-30.2

libMagickWand-6_Q16-1-6.8.8.1-30.2

SUSE Linux Enterprise Server for SAP Applications 12 SP1

libMagickCore-6_Q16-1-6.8.8.1-30.2

libMagickWand-6_Q16-1-6.8.8.1-30.2

SUSE Linux Enterprise Software Development Kit 12 SP1

ImageMagick-6.8.8.1-30.2

ImageMagick-devel-6.8.8.1-30.2

libMagick++-6_Q16-3-6.8.8.1-30.2

libMagick++-devel-6.8.8.1-30.2

perl-PerlMagick-6.8.8.1-30.2

SUSE Linux Enterprise Workstation Extension 12 SP1

ImageMagick-6.8.8.1-30.2

libMagick++-6_Q16-3-6.8.8.1-30.2

libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

Ссылки

https://www.suse.com/support/update/announcement/2016/suse-su-20161784-1/
Link for SUSE-SU-2016:1784-1
https://lists.suse.com/pipermail/sle-security-updates/2016-July/002153.html
E-Mail link for SUSE-SU-2016:1784-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/983232
SUSE Bug 983232
https://bugzilla.suse.com/983234
SUSE Bug 983234
https://bugzilla.suse.com/983253
SUSE Bug 983253
https://bugzilla.suse.com/983259
SUSE Bug 983259
https://bugzilla.suse.com/983292
SUSE Bug 983292
https://bugzilla.suse.com/983305
SUSE Bug 983305
https://bugzilla.suse.com/983308
SUSE Bug 983308
https://bugzilla.suse.com/983521
SUSE Bug 983521
https://bugzilla.suse.com/983523
SUSE Bug 983523
https://bugzilla.suse.com/983527
SUSE Bug 983527
https://bugzilla.suse.com/983533
SUSE Bug 983533
https://bugzilla.suse.com/983739
SUSE Bug 983739
https://bugzilla.suse.com/983746
SUSE Bug 983746
https://bugzilla.suse.com/983752
SUSE Bug 983752
https://bugzilla.suse.com/983774
SUSE Bug 983774
https://bugzilla.suse.com/983794
SUSE Bug 983794
https://bugzilla.suse.com/983796
SUSE Bug 983796

Описание

ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9805.html
CVE-2014-9805
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/983752
SUSE Bug 983752

Описание

ImageMagick allows remote attackers to cause a denial of service (file descriptor consumption) via a crafted file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9806.html
CVE-2014-9806
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/983774
SUSE Bug 983774

Описание

The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via unspecified vectors.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9807.html
CVE-2014-9807
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/983794
SUSE Bug 983794

Описание

ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted dpc image.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9808.html
CVE-2014-9808
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/983796
SUSE Bug 983796

Описание

ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted xwd image.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9809.html
CVE-2014-9809
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/983799
SUSE Bug 983799

Описание

The dpx file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed dpx file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9810.html
CVE-2014-9810
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/983803
SUSE Bug 983803

Описание

The xwd file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed xwd file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9811.html
CVE-2014-9811
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984032
SUSE Bug 984032

Описание

ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted ps file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9812.html
CVE-2014-9812
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984137
SUSE Bug 984137

Описание

ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted viff file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9813.html
CVE-2014-9813
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984035
SUSE Bug 984035
https://bugzilla.suse.com/984398
SUSE Bug 984398

Описание

ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted wpg file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9814.html
CVE-2014-9814
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984193
SUSE Bug 984193
https://bugzilla.suse.com/984372
SUSE Bug 984372

Описание

ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted wpg file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9815.html
CVE-2014-9815
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984372
SUSE Bug 984372

Описание

ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9816.html
CVE-2014-9816
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984035
SUSE Bug 984035
https://bugzilla.suse.com/984398
SUSE Bug 984398

Описание

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pdb file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9817.html
CVE-2014-9817
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984400
SUSE Bug 984400

Описание

ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a malformed sun file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9818.html
CVE-2014-9818
https://bugzilla.suse.com/1000690
SUSE Bug 1000690
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984181
SUSE Bug 984181
https://bugzilla.suse.com/984186
SUSE Bug 984186
https://bugzilla.suse.com/984409
SUSE Bug 984409

Описание

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9823.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9819.html
CVE-2014-9819
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984142
SUSE Bug 984142

Описание

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pnm file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9820.html
CVE-2014-9820
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984150
SUSE Bug 984150

Описание

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9821.html
CVE-2014-9821
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984014
SUSE Bug 984014

Описание

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted quantum file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9822.html
CVE-2014-9822
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984187
SUSE Bug 984187

Описание

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9819.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9823.html
CVE-2014-9823
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984401
SUSE Bug 984401

Описание

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9825.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9824.html
CVE-2014-9824
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984185
SUSE Bug 984185

Описание

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9824.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9825.html
CVE-2014-9825
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984427
SUSE Bug 984427

Описание

ImageMagick allows remote attackers to have unspecified impact via vectors related to error handling in sun files.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9826.html
CVE-2014-9826
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984186
SUSE Bug 984186

Описание

coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9828.html
CVE-2014-9828
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984028
SUSE Bug 984028

Описание

coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted sun file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9829.html
CVE-2014-9829
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984409
SUSE Bug 984409

Описание

coders/sun.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted sun file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9830.html
CVE-2014-9830
https://bugzilla.suse.com/1000690
SUSE Bug 1000690
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984135
SUSE Bug 984135

Описание

coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted wpg file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9831.html
CVE-2014-9831
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984375
SUSE Bug 984375

Описание

Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9832.html
CVE-2014-9832
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984183
SUSE Bug 984183

Описание

Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9833.html
CVE-2014-9833
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984406
SUSE Bug 984406
https://bugzilla.suse.com/984427
SUSE Bug 984427

Описание

Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9834.html
CVE-2014-9834
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984436
SUSE Bug 984436

Описание

Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9835.html
CVE-2014-9835
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984145
SUSE Bug 984145
https://bugzilla.suse.com/984375
SUSE Bug 984375

Описание

ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service via a crafted xpm file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9836.html
CVE-2014-9836
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984023
SUSE Bug 984023

Описание

coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9837.html
CVE-2014-9837
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984166
SUSE Bug 984166

Описание

magick/cache.c in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (crash).

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9838.html
CVE-2014-9838
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984370
SUSE Bug 984370

Описание

magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access).

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9839.html
CVE-2014-9839
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984379
SUSE Bug 984379

Описание

ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted palm file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9840.html
CVE-2014-9840
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984433
SUSE Bug 984433

Описание

The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to "throwing of exceptions."

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9841.html
CVE-2014-9841
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984172
SUSE Bug 984172
https://bugzilla.suse.com/984186
SUSE Bug 984186
https://bugzilla.suse.com/984374
SUSE Bug 984374

Описание

Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9842.html
CVE-2014-9842
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984172
SUSE Bug 984172
https://bugzilla.suse.com/984374
SUSE Bug 984374

Описание

The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9843.html
CVE-2014-9843
https://bugzilla.suse.com/1000697
SUSE Bug 1000697
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984179
SUSE Bug 984179

Описание

The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9844.html
CVE-2014-9844
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984373
SUSE Bug 984373
https://bugzilla.suse.com/984408
SUSE Bug 984408

Описание

The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9845.html
CVE-2014-9845
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984394
SUSE Bug 984394

Описание

Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9846.html
CVE-2014-9846
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/983521
SUSE Bug 983521
https://bugzilla.suse.com/984408
SUSE Bug 984408

Описание

The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9847.html
CVE-2014-9847
https://bugzilla.suse.com/1040304
SUSE Bug 1040304
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984144
SUSE Bug 984144

Описание

Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9848.html
CVE-2014-9848
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984404
SUSE Bug 984404

Описание

The png coder in ImageMagick allows remote attackers to cause a denial of service (crash).

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9849.html
CVE-2014-9849
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984018
SUSE Bug 984018

Описание

Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption).

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9850.html
CVE-2014-9850
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984149
SUSE Bug 984149

Описание

ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash).

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9851.html
CVE-2014-9851
https://bugzilla.suse.com/1106989
SUSE Bug 1106989
https://bugzilla.suse.com/1106996
SUSE Bug 1106996
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984160
SUSE Bug 984160

Описание

distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9852.html
CVE-2014-9852
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984191
SUSE Bug 984191

Описание

Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9853.html
CVE-2014-9853
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984408
SUSE Bug 984408

Описание

coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image."

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9854.html
CVE-2014-9854
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/984184
SUSE Bug 984184

Описание

Double free vulnerability in coders/tga.c in ImageMagick 7.0.0 and later allows remote attackers to cause a denial of service (application crash) via a crafted tga file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2015-8894.html
CVE-2015-8894
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/983523
SUSE Bug 983523
https://bugzilla.suse.com/983533
SUSE Bug 983533

Описание

Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause a denial of service (application crash) via a crafted length value, which triggers a buffer overflow.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2015-8895.html
CVE-2015-8895
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/983527
SUSE Bug 983527

Описание

Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2015-8896.html
CVE-2015-8896
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/983533
SUSE Bug 983533

Описание

The SpliceImage function in MagickCore/transform.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (application crash) via a crafted png file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2015-8897.html
CVE-2015-8897
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/983739
SUSE Bug 983739
https://bugzilla.suse.com/983746
SUSE Bug 983746

Описание

The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2015-8898.html
CVE-2015-8898
https://bugzilla.suse.com/982969
SUSE Bug 982969
https://bugzilla.suse.com/983739
SUSE Bug 983739
https://bugzilla.suse.com/983746
SUSE Bug 983746

Описание

The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service (infinite loop) via a crafted HDR file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2015-8900.html
CVE-2015-8900
https://bugzilla.suse.com/983232
SUSE Bug 983232

Описание

ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2015-8901.html
CVE-2015-8901
https://bugzilla.suse.com/983234
SUSE Bug 983234

Описание

The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2015-8902.html
CVE-2015-8902
https://bugzilla.suse.com/1052711
SUSE Bug 1052711
https://bugzilla.suse.com/983253
SUSE Bug 983253

Описание

The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2015-8903.html
CVE-2015-8903
https://bugzilla.suse.com/983259
SUSE Bug 983259

Описание

The DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of certain vertices integer data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2016-4562.html
CVE-2016-4562
https://bugzilla.suse.com/983292
SUSE Bug 983292
https://bugzilla.suse.com/983305
SUSE Bug 983305
https://bugzilla.suse.com/983308
SUSE Bug 983308
https://bugzilla.suse.com/983309
SUSE Bug 983309

Описание

The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2016-4563.html
CVE-2016-4563
https://bugzilla.suse.com/983305
SUSE Bug 983305

Описание

The DrawImage function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 makes an incorrect function call in attempting to locate the next token, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2016-4564.html
CVE-2016-4564
https://bugzilla.suse.com/983308
SUSE Bug 983308

Описание

The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4 allows remote attackers to have unspecified impact via a crafted DDS file, which triggers an out-of-bounds read.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2016-5687.html
CVE-2016-5687
https://bugzilla.suse.com/1000713
SUSE Bug 1000713
https://bugzilla.suse.com/1000714
SUSE Bug 1000714
https://bugzilla.suse.com/1074610
SUSE Bug 1074610
https://bugzilla.suse.com/985448
SUSE Bug 985448

Описание

The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex function or an invalid write operation in the (2) ScaleCharToQuantum or (3) SetPixelIndex functions.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2016-5688.html
CVE-2016-5688
https://bugzilla.suse.com/985442
SUSE Bug 985442

Описание

The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2016-5689.html
CVE-2016-5689
https://bugzilla.suse.com/985460
SUSE Bug 985460

Описание

The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2016-5690.html
CVE-2016-5690
https://bugzilla.suse.com/985451
SUSE Bug 985451
https://bugzilla.suse.com/985460
SUSE Bug 985460

Описание

The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3) pixel.blue.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2016-5691.html
CVE-2016-5691
https://bugzilla.suse.com/985456
SUSE Bug 985456
https://bugzilla.suse.com/985460
SUSE Bug 985460

Описание

Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2016-5841.html
CVE-2016-5841
https://bugzilla.suse.com/986609
SUSE Bug 986609

Описание

MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:ImageMagick-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagick++-6_Q16-3-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2

SUSE Linux Enterprise Desktop 12 SP1:libMagickCore-6_Q16-1-6.8.8.1-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2016-5842.html
CVE-2016-5842
https://bugzilla.suse.com/986608
SUSE Bug 986608

SUSE-SU-2016:1784-1

Описание

Список пакетов

SUSE Linux Enterprise Desktop 12 SP1

SUSE Linux Enterprise Server 12 SP1

SUSE Linux Enterprise Server for SAP Applications 12 SP1

SUSE Linux Enterprise Software Development Kit 12 SP1

SUSE Linux Enterprise Workstation Extension 12 SP1

Ссылки

Уязвимость: CVE-2014-9805

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2014-9806

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2014-9807

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2014-9808

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2014-9809

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2014-9810

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2014-9811

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2014-9812

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2014-9813

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2014-9814

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2014-9815

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2014-9816

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2014-9817

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2014-9818

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2014-9819

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2014-9820

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2014-9821

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2014-9822

Описание

Затронутые продукты