Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2016-2317 (GCVE-0-2016-2317)
Vulnerability from cvelistv5
Published
2017-02-03 15:00
Modified
2024-08-05 23:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:24:49.034Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2016:2073",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html"
},
{
"name": "openSUSE-SU-2016:1724",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1306148"
},
{
"name": "[oss-security] 20160531 Re: Security issues addressed in GraphicsMagick SVG reader",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/31/3"
},
{
"name": "83241",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/83241"
},
{
"name": "[oss-security] 20160520 Re: ImageMagick Is On Fire -- CVE-2016-3714",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/20/4"
},
{
"name": "[oss-security] 20160527 Security issues addressed in GraphicsMagick SVG reader",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/27/4"
},
{
"name": "DSA-3746",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3746"
},
{
"name": "SUSE-SU-2016:1783",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html"
},
{
"name": "[oss-security] 20160918 Re: GraphicsMagick 1.3.25 fixes some security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/09/18/8"
},
{
"name": "[oss-security] 20160211 Re: CVE requests: Multiple vulnerabilities in GraphicsMagick parsing and processing SVG files",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/02/11/6"
},
{
"name": "[oss-security] 20160906 GraphicsMagick 1.3.25 fixes some security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/09/07/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-02-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-03T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "openSUSE-SU-2016:2073",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html"
},
{
"name": "openSUSE-SU-2016:1724",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1306148"
},
{
"name": "[oss-security] 20160531 Re: Security issues addressed in GraphicsMagick SVG reader",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/31/3"
},
{
"name": "83241",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/83241"
},
{
"name": "[oss-security] 20160520 Re: ImageMagick Is On Fire -- CVE-2016-3714",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/20/4"
},
{
"name": "[oss-security] 20160527 Security issues addressed in GraphicsMagick SVG reader",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/27/4"
},
{
"name": "DSA-3746",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3746"
},
{
"name": "SUSE-SU-2016:1783",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html"
},
{
"name": "[oss-security] 20160918 Re: GraphicsMagick 1.3.25 fixes some security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/09/18/8"
},
{
"name": "[oss-security] 20160211 Re: CVE requests: Multiple vulnerabilities in GraphicsMagick parsing and processing SVG files",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/02/11/6"
},
{
"name": "[oss-security] 20160906 GraphicsMagick 1.3.25 fixes some security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/09/07/4"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2317",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2016:2073",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html"
},
{
"name": "openSUSE-SU-2016:1724",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1306148",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1306148"
},
{
"name": "[oss-security] 20160531 Re: Security issues addressed in GraphicsMagick SVG reader",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/05/31/3"
},
{
"name": "83241",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/83241"
},
{
"name": "[oss-security] 20160520 Re: ImageMagick Is On Fire -- CVE-2016-3714",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/05/20/4"
},
{
"name": "[oss-security] 20160527 Security issues addressed in GraphicsMagick SVG reader",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/05/27/4"
},
{
"name": "DSA-3746",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3746"
},
{
"name": "SUSE-SU-2016:1783",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html"
},
{
"name": "[oss-security] 20160918 Re: GraphicsMagick 1.3.25 fixes some security issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/09/18/8"
},
{
"name": "[oss-security] 20160211 Re: CVE requests: Multiple vulnerabilities in GraphicsMagick parsing and processing SVG files",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/02/11/6"
},
{
"name": "[oss-security] 20160906 GraphicsMagick 1.3.25 fixes some security issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/09/07/4"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-2317",
"datePublished": "2017-02-03T15:00:00",
"dateReserved": "2016-02-11T00:00:00",
"dateUpdated": "2024-08-05T23:24:49.034Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2016-2317\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-02-03T15:59:00.150\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples desbordamientos de b\u00fafer en GraphicsMagick 1.3.23 permiten a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de un archivo SVG manipulado, relacionado con (1) la funci\u00f3n TracePoint en magick/render.c, (2) funci\u00f3n GetToken en magick/utility.c, y (3) funci\u00f3n GetTransformTokens en coders/svg.c.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:graphicsmagick:graphicsmagick:1.3.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C64A1165-D893-415C-B7E8-B1AF4C287116\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"F892F1B0-514C-42F7-90AE-12ACDFDC1033\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:studio_onsite:1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74BCA435-7594-49E8-9BAE-9E02E129B6C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4863BE36-D16A-4D75-90D9-FD76DB5B48B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03117DF1-3BEC-4B8D-AD63-DBBDB2126081\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"D41A798E-0D69-43C7-9A63-1E5921138EAC\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2016/dsa-3746\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/02/11/6\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/05/20/4\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/05/27/4\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/05/31/3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/09/07/4\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/09/18/8\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/83241\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1306148\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2016/dsa-3746\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/02/11/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/05/20/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/05/27/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/05/31/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/09/07/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/09/18/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/83241\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1306148\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]}]}}"
}
}
fkie_cve-2016-2317
Vulnerability from fkie_nvd
Published
2017-02-03 15:59
Modified
2025-04-20 01:37
Severity ?
Summary
Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html | Third Party Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html | Third Party Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html | Third Party Advisory | |
| cve@mitre.org | http://www.debian.org/security/2016/dsa-3746 | Third Party Advisory | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2016/02/11/6 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2016/05/20/4 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2016/05/27/4 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2016/05/31/3 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2016/09/07/4 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2016/09/18/8 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/83241 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1306148 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2016/dsa-3746 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/02/11/6 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/05/20/4 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/05/27/4 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/05/31/3 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/09/07/4 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/09/18/8 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/83241 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1306148 | Issue Tracking |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| graphicsmagick | graphicsmagick | 1.3.23 | |
| debian | debian_linux | 8.0 | |
| suse | linux_enterprise_debuginfo | 11 | |
| suse | studio_onsite | 1.3 | |
| opensuse | leap | 42.1 | |
| opensuse | opensuse | 13.2 | |
| suse | linux_enterprise_software_development_kit | 11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:graphicsmagick:graphicsmagick:1.3.23:*:*:*:*:*:*:*",
"matchCriteriaId": "C64A1165-D893-415C-B7E8-B1AF4C287116",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "F892F1B0-514C-42F7-90AE-12ACDFDC1033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:studio_onsite:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "74BCA435-7594-49E8-9BAE-9E02E129B6C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4863BE36-D16A-4D75-90D9-FD76DB5B48B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "D41A798E-0D69-43C7-9A63-1E5921138EAC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en GraphicsMagick 1.3.23 permiten a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de un archivo SVG manipulado, relacionado con (1) la funci\u00f3n TracePoint en magick/render.c, (2) funci\u00f3n GetToken en magick/utility.c, y (3) funci\u00f3n GetTransformTokens en coders/svg.c."
}
],
"id": "CVE-2016-2317",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-03T15:59:00.150",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3746"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/02/11/6"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/20/4"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/27/4"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/31/3"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/09/07/4"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/09/18/8"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/83241"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1306148"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3746"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/02/11/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/20/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/27/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/31/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/09/07/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/09/18/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/83241"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1306148"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
ghsa-m3pg-gr36-c7qj
Vulnerability from github
Published
2022-05-14 02:05
Modified
2022-05-14 02:05
Severity ?
VLAI Severity ?
Details
Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c.
{
"affected": [],
"aliases": [
"CVE-2016-2317"
],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-02-03T15:59:00Z",
"severity": "MODERATE"
},
"details": "Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c.",
"id": "GHSA-m3pg-gr36-c7qj",
"modified": "2022-05-14T02:05:03Z",
"published": "2022-05-14T02:05:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2317"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1306148"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2016/dsa-3746"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2016/02/11/6"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2016/05/20/4"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2016/05/27/4"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2016/05/31/3"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2016/09/07/4"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2016/09/18/8"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/83241"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
opensuse-su-2024:10505-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
GraphicsMagick-1.3.25-1.1 on GA media
Notes
Title of the patch
GraphicsMagick-1.3.25-1.1 on GA media
Description of the patch
These are all security issues fixed in the GraphicsMagick-1.3.25-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10505
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "GraphicsMagick-1.3.25-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the GraphicsMagick-1.3.25-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10505",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10505-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-1882 page",
"url": "https://www.suse.com/security/cve/CVE-2009-1882/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3736 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3438 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3438/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2317 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2317/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3714 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3715 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3717 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3717/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3718 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5118 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5118/"
}
],
"title": "GraphicsMagick-1.3.25-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10505-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "GraphicsMagick-1.3.25-1.1.aarch64",
"product": {
"name": "GraphicsMagick-1.3.25-1.1.aarch64",
"product_id": "GraphicsMagick-1.3.25-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "GraphicsMagick-devel-1.3.25-1.1.aarch64",
"product": {
"name": "GraphicsMagick-devel-1.3.25-1.1.aarch64",
"product_id": "GraphicsMagick-devel-1.3.25-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64",
"product": {
"name": "libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64",
"product_id": "libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick++-devel-1.3.25-1.1.aarch64",
"product": {
"name": "libGraphicsMagick++-devel-1.3.25-1.1.aarch64",
"product_id": "libGraphicsMagick++-devel-1.3.25-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64",
"product": {
"name": "libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64",
"product_id": "libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick3-config-1.3.25-1.1.aarch64",
"product": {
"name": "libGraphicsMagick3-config-1.3.25-1.1.aarch64",
"product_id": "libGraphicsMagick3-config-1.3.25-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64",
"product": {
"name": "libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64",
"product_id": "libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "perl-GraphicsMagick-1.3.25-1.1.aarch64",
"product": {
"name": "perl-GraphicsMagick-1.3.25-1.1.aarch64",
"product_id": "perl-GraphicsMagick-1.3.25-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "GraphicsMagick-1.3.25-1.1.ppc64le",
"product": {
"name": "GraphicsMagick-1.3.25-1.1.ppc64le",
"product_id": "GraphicsMagick-1.3.25-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "GraphicsMagick-devel-1.3.25-1.1.ppc64le",
"product": {
"name": "GraphicsMagick-devel-1.3.25-1.1.ppc64le",
"product_id": "GraphicsMagick-devel-1.3.25-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le",
"product": {
"name": "libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le",
"product_id": "libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick++-devel-1.3.25-1.1.ppc64le",
"product": {
"name": "libGraphicsMagick++-devel-1.3.25-1.1.ppc64le",
"product_id": "libGraphicsMagick++-devel-1.3.25-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le",
"product": {
"name": "libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le",
"product_id": "libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick3-config-1.3.25-1.1.ppc64le",
"product": {
"name": "libGraphicsMagick3-config-1.3.25-1.1.ppc64le",
"product_id": "libGraphicsMagick3-config-1.3.25-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le",
"product": {
"name": "libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le",
"product_id": "libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "perl-GraphicsMagick-1.3.25-1.1.ppc64le",
"product": {
"name": "perl-GraphicsMagick-1.3.25-1.1.ppc64le",
"product_id": "perl-GraphicsMagick-1.3.25-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "GraphicsMagick-1.3.25-1.1.s390x",
"product": {
"name": "GraphicsMagick-1.3.25-1.1.s390x",
"product_id": "GraphicsMagick-1.3.25-1.1.s390x"
}
},
{
"category": "product_version",
"name": "GraphicsMagick-devel-1.3.25-1.1.s390x",
"product": {
"name": "GraphicsMagick-devel-1.3.25-1.1.s390x",
"product_id": "GraphicsMagick-devel-1.3.25-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x",
"product": {
"name": "libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x",
"product_id": "libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick++-devel-1.3.25-1.1.s390x",
"product": {
"name": "libGraphicsMagick++-devel-1.3.25-1.1.s390x",
"product_id": "libGraphicsMagick++-devel-1.3.25-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick-Q16-3-1.3.25-1.1.s390x",
"product": {
"name": "libGraphicsMagick-Q16-3-1.3.25-1.1.s390x",
"product_id": "libGraphicsMagick-Q16-3-1.3.25-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick3-config-1.3.25-1.1.s390x",
"product": {
"name": "libGraphicsMagick3-config-1.3.25-1.1.s390x",
"product_id": "libGraphicsMagick3-config-1.3.25-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x",
"product": {
"name": "libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x",
"product_id": "libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x"
}
},
{
"category": "product_version",
"name": "perl-GraphicsMagick-1.3.25-1.1.s390x",
"product": {
"name": "perl-GraphicsMagick-1.3.25-1.1.s390x",
"product_id": "perl-GraphicsMagick-1.3.25-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "GraphicsMagick-1.3.25-1.1.x86_64",
"product": {
"name": "GraphicsMagick-1.3.25-1.1.x86_64",
"product_id": "GraphicsMagick-1.3.25-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "GraphicsMagick-devel-1.3.25-1.1.x86_64",
"product": {
"name": "GraphicsMagick-devel-1.3.25-1.1.x86_64",
"product_id": "GraphicsMagick-devel-1.3.25-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64",
"product": {
"name": "libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64",
"product_id": "libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick++-devel-1.3.25-1.1.x86_64",
"product": {
"name": "libGraphicsMagick++-devel-1.3.25-1.1.x86_64",
"product_id": "libGraphicsMagick++-devel-1.3.25-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64",
"product": {
"name": "libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64",
"product_id": "libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick3-config-1.3.25-1.1.x86_64",
"product": {
"name": "libGraphicsMagick3-config-1.3.25-1.1.x86_64",
"product_id": "libGraphicsMagick3-config-1.3.25-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64",
"product": {
"name": "libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64",
"product_id": "libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "perl-GraphicsMagick-1.3.25-1.1.x86_64",
"product": {
"name": "perl-GraphicsMagick-1.3.25-1.1.x86_64",
"product_id": "perl-GraphicsMagick-1.3.25-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-1.3.25-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.aarch64"
},
"product_reference": "GraphicsMagick-1.3.25-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-1.3.25-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.ppc64le"
},
"product_reference": "GraphicsMagick-1.3.25-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-1.3.25-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.s390x"
},
"product_reference": "GraphicsMagick-1.3.25-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-1.3.25-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.x86_64"
},
"product_reference": "GraphicsMagick-1.3.25-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-devel-1.3.25-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.aarch64"
},
"product_reference": "GraphicsMagick-devel-1.3.25-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-devel-1.3.25-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.ppc64le"
},
"product_reference": "GraphicsMagick-devel-1.3.25-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-devel-1.3.25-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.s390x"
},
"product_reference": "GraphicsMagick-devel-1.3.25-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-devel-1.3.25-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.x86_64"
},
"product_reference": "GraphicsMagick-devel-1.3.25-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64"
},
"product_reference": "libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le"
},
"product_reference": "libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x"
},
"product_reference": "libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64"
},
"product_reference": "libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick++-devel-1.3.25-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.aarch64"
},
"product_reference": "libGraphicsMagick++-devel-1.3.25-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick++-devel-1.3.25-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.ppc64le"
},
"product_reference": "libGraphicsMagick++-devel-1.3.25-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick++-devel-1.3.25-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.s390x"
},
"product_reference": "libGraphicsMagick++-devel-1.3.25-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick++-devel-1.3.25-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.x86_64"
},
"product_reference": "libGraphicsMagick++-devel-1.3.25-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64"
},
"product_reference": "libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le"
},
"product_reference": "libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick-Q16-3-1.3.25-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.s390x"
},
"product_reference": "libGraphicsMagick-Q16-3-1.3.25-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64"
},
"product_reference": "libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick3-config-1.3.25-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.aarch64"
},
"product_reference": "libGraphicsMagick3-config-1.3.25-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick3-config-1.3.25-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.ppc64le"
},
"product_reference": "libGraphicsMagick3-config-1.3.25-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick3-config-1.3.25-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.s390x"
},
"product_reference": "libGraphicsMagick3-config-1.3.25-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick3-config-1.3.25-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.x86_64"
},
"product_reference": "libGraphicsMagick3-config-1.3.25-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64"
},
"product_reference": "libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le"
},
"product_reference": "libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x"
},
"product_reference": "libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64"
},
"product_reference": "libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-GraphicsMagick-1.3.25-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.aarch64"
},
"product_reference": "perl-GraphicsMagick-1.3.25-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-GraphicsMagick-1.3.25-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.ppc64le"
},
"product_reference": "perl-GraphicsMagick-1.3.25-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-GraphicsMagick-1.3.25-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.s390x"
},
"product_reference": "perl-GraphicsMagick-1.3.25-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-GraphicsMagick-1.3.25-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.x86_64"
},
"product_reference": "perl-GraphicsMagick-1.3.25-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-1882",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-1882"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the XMakeImage function in magick/xwindow.c in ImageMagick 6.5.2-8, and GraphicsMagick, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow. NOTE: some of these details are obtained from third party information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-1882",
"url": "https://www.suse.com/security/cve/CVE-2009-1882"
},
{
"category": "external",
"summary": "SUSE Bug 507728 for CVE-2009-1882",
"url": "https://bugzilla.suse.com/507728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-1882"
},
{
"cve": "CVE-2009-3736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3736"
}
],
"notes": [
{
"category": "general",
"text": "ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3736",
"url": "https://www.suse.com/security/cve/CVE-2009-3736"
},
{
"category": "external",
"summary": "SUSE Bug 556122 for CVE-2009-3736",
"url": "https://bugzilla.suse.com/556122"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3736"
},
{
"cve": "CVE-2012-3438",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3438"
}
],
"notes": [
{
"category": "general",
"text": "The Magick_png_malloc function in coders/png.c in GraphicsMagick 6.7.8-6 does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3438",
"url": "https://www.suse.com/security/cve/CVE-2012-3438"
},
{
"category": "external",
"summary": "SUSE Bug 773612 for CVE-2012-3438",
"url": "https://bugzilla.suse.com/773612"
},
{
"category": "external",
"summary": "SUSE Bug 785093 for CVE-2012-3438",
"url": "https://bugzilla.suse.com/785093"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-3438"
},
{
"cve": "CVE-2016-2317",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2317"
}
],
"notes": [
{
"category": "general",
"text": "Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2317",
"url": "https://www.suse.com/security/cve/CVE-2016-2317"
},
{
"category": "external",
"summary": "SUSE Bug 965853 for CVE-2016-2317",
"url": "https://bugzilla.suse.com/965853"
},
{
"category": "external",
"summary": "SUSE Bug 999673 for CVE-2016-2317",
"url": "https://bugzilla.suse.com/999673"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2317"
},
{
"cve": "CVE-2016-3714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3714"
}
],
"notes": [
{
"category": "general",
"text": "The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka \"ImageTragick.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3714",
"url": "https://www.suse.com/security/cve/CVE-2016-3714"
},
{
"category": "external",
"summary": "SUSE Bug 1000484 for CVE-2016-3714",
"url": "https://bugzilla.suse.com/1000484"
},
{
"category": "external",
"summary": "SUSE Bug 1057163 for CVE-2016-3714",
"url": "https://bugzilla.suse.com/1057163"
},
{
"category": "external",
"summary": "SUSE Bug 1105592 for CVE-2016-3714",
"url": "https://bugzilla.suse.com/1105592"
},
{
"category": "external",
"summary": "SUSE Bug 978061 for CVE-2016-3714",
"url": "https://bugzilla.suse.com/978061"
},
{
"category": "external",
"summary": "SUSE Bug 980401 for CVE-2016-3714",
"url": "https://bugzilla.suse.com/980401"
},
{
"category": "external",
"summary": "SUSE Bug 982178 for CVE-2016-3714",
"url": "https://bugzilla.suse.com/982178"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-3714"
},
{
"cve": "CVE-2016-3715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3715"
}
],
"notes": [
{
"category": "general",
"text": "The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3715",
"url": "https://www.suse.com/security/cve/CVE-2016-3715"
},
{
"category": "external",
"summary": "SUSE Bug 1000484 for CVE-2016-3715",
"url": "https://bugzilla.suse.com/1000484"
},
{
"category": "external",
"summary": "SUSE Bug 1057163 for CVE-2016-3715",
"url": "https://bugzilla.suse.com/1057163"
},
{
"category": "external",
"summary": "SUSE Bug 1105592 for CVE-2016-3715",
"url": "https://bugzilla.suse.com/1105592"
},
{
"category": "external",
"summary": "SUSE Bug 978061 for CVE-2016-3715",
"url": "https://bugzilla.suse.com/978061"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-3715"
},
{
"cve": "CVE-2016-3717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3717"
}
],
"notes": [
{
"category": "general",
"text": "The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3717",
"url": "https://www.suse.com/security/cve/CVE-2016-3717"
},
{
"category": "external",
"summary": "SUSE Bug 1000484 for CVE-2016-3717",
"url": "https://bugzilla.suse.com/1000484"
},
{
"category": "external",
"summary": "SUSE Bug 1057163 for CVE-2016-3717",
"url": "https://bugzilla.suse.com/1057163"
},
{
"category": "external",
"summary": "SUSE Bug 1105592 for CVE-2016-3717",
"url": "https://bugzilla.suse.com/1105592"
},
{
"category": "external",
"summary": "SUSE Bug 978061 for CVE-2016-3717",
"url": "https://bugzilla.suse.com/978061"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-3717"
},
{
"cve": "CVE-2016-3718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3718"
}
],
"notes": [
{
"category": "general",
"text": "The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3718",
"url": "https://www.suse.com/security/cve/CVE-2016-3718"
},
{
"category": "external",
"summary": "SUSE Bug 1000484 for CVE-2016-3718",
"url": "https://bugzilla.suse.com/1000484"
},
{
"category": "external",
"summary": "SUSE Bug 1057163 for CVE-2016-3718",
"url": "https://bugzilla.suse.com/1057163"
},
{
"category": "external",
"summary": "SUSE Bug 1105592 for CVE-2016-3718",
"url": "https://bugzilla.suse.com/1105592"
},
{
"category": "external",
"summary": "SUSE Bug 978061 for CVE-2016-3718",
"url": "https://bugzilla.suse.com/978061"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-3718"
},
{
"cve": "CVE-2016-5118",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5118"
}
],
"notes": [
{
"category": "general",
"text": "The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5118",
"url": "https://www.suse.com/security/cve/CVE-2016-5118"
},
{
"category": "external",
"summary": "SUSE Bug 1000484 for CVE-2016-5118",
"url": "https://bugzilla.suse.com/1000484"
},
{
"category": "external",
"summary": "SUSE Bug 982178 for CVE-2016-5118",
"url": "https://bugzilla.suse.com/982178"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:GraphicsMagick-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-Q16-12-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick++-devel-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick-Q16-3-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagick3-config-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:libGraphicsMagickWand-Q16-2-1.3.25-1.1.x86_64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.aarch64",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.ppc64le",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.s390x",
"openSUSE Tumbleweed:perl-GraphicsMagick-1.3.25-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-5118"
}
]
}
gsd-2016-2317
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2016-2317",
"description": "Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c.",
"id": "GSD-2016-2317",
"references": [
"https://www.suse.com/security/cve/CVE-2016-2317.html",
"https://www.debian.org/security/2016/dsa-3746",
"https://advisories.mageia.org/CVE-2016-2317.html",
"https://alas.aws.amazon.com/cve/html/CVE-2016-2317.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2016-2317"
],
"details": "Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c.",
"id": "GSD-2016-2317",
"modified": "2023-12-13T01:21:19.576399Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2317",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2016:2073",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html"
},
{
"name": "openSUSE-SU-2016:1724",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1306148",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1306148"
},
{
"name": "[oss-security] 20160531 Re: Security issues addressed in GraphicsMagick SVG reader",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/05/31/3"
},
{
"name": "83241",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/83241"
},
{
"name": "[oss-security] 20160520 Re: ImageMagick Is On Fire -- CVE-2016-3714",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/05/20/4"
},
{
"name": "[oss-security] 20160527 Security issues addressed in GraphicsMagick SVG reader",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/05/27/4"
},
{
"name": "DSA-3746",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3746"
},
{
"name": "SUSE-SU-2016:1783",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html"
},
{
"name": "[oss-security] 20160918 Re: GraphicsMagick 1.3.25 fixes some security issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/09/18/8"
},
{
"name": "[oss-security] 20160211 Re: CVE requests: Multiple vulnerabilities in GraphicsMagick parsing and processing SVG files",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/02/11/6"
},
{
"name": "[oss-security] 20160906 GraphicsMagick 1.3.25 fixes some security issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/09/07/4"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:graphicsmagick:graphicsmagick:1.3.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:suse:studio_onsite:1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2317"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1306148",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1306148"
},
{
"name": "83241",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/83241"
},
{
"name": "[oss-security] 20160918 Re: GraphicsMagick 1.3.25 fixes some security issues",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/09/18/8"
},
{
"name": "[oss-security] 20160906 GraphicsMagick 1.3.25 fixes some security issues",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/09/07/4"
},
{
"name": "[oss-security] 20160531 Re: Security issues addressed in GraphicsMagick SVG reader",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/31/3"
},
{
"name": "[oss-security] 20160527 Security issues addressed in GraphicsMagick SVG reader",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/27/4"
},
{
"name": "[oss-security] 20160520 Re: ImageMagick Is On Fire -- CVE-2016-3714",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/20/4"
},
{
"name": "[oss-security] 20160211 Re: CVE requests: Multiple vulnerabilities in GraphicsMagick parsing and processing SVG files",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/02/11/6"
},
{
"name": "DSA-3746",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3746"
},
{
"name": "openSUSE-SU-2016:2073",
"refsource": "SUSE",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html"
},
{
"name": "SUSE-SU-2016:1783",
"refsource": "SUSE",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html"
},
{
"name": "openSUSE-SU-2016:1724",
"refsource": "SUSE",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
},
"lastModifiedDate": "2018-10-30T16:27Z",
"publishedDate": "2017-02-03T15:59Z"
}
}
}
suse-su-2016:1783-1
Vulnerability from csaf_suse
Published
2016-07-11 10:12
Modified
2016-07-11 10:12
Summary
Security update for GraphicsMagick
Notes
Title of the patch
Security update for GraphicsMagick
Description of the patch
GraphicsMagick was updated to fix 37 security issues.
These security issues were fixed:
- CVE-2014-9810: SEGV in dpx file handler (bsc#983803).
- CVE-2014-9811: Crash in xwd file handler (bsc#984032).
- CVE-2014-9813: Crash on corrupted viff file (bsc#984035).
- CVE-2014-9814: NULL pointer dereference in wpg file handling (bsc#984193).
- CVE-2014-9815: Crash on corrupted wpg file (bsc#984372).
- CVE-2014-9816: Out of bound access in viff image (bsc#984398).
- CVE-2014-9817: Heap buffer overflow in pdb file handling (bsc#984400).
- CVE-2014-9818: Out of bound access on malformed sun file (bsc#984181).
- CVE-2014-9819: Heap overflow in palm files (bsc#984142).
- CVE-2014-9830: Handling of corrupted sun file (bsc#984135).
- CVE-2014-9831: Handling of corrupted wpg file (bsc#984375).
- CVE-2014-9837: Additional PNM sanity checks (bsc#984166).
- CVE-2014-9834: Heap overflow in pict file (bsc#984436).
- CVE-2014-9853: Memory leak in rle file handling (bsc#984408).
- CVE-2015-8903: Denial of service (cpu) in vicar (bsc#983259).
- CVE-2015-8901: MIFF file DoS (endless loop) (bsc#983234).
- CVE-2016-5688: Various invalid memory reads in ImageMagick WPG (bsc#985442).
- CVE-2015-8894: Double free in coders/tga.c:221 (bsc#983523).
- CVE-2015-8896: Double free / integer truncation issue in coders/pict.c:2000 (bsc#983533).
- CVE-2014-9807: Double free in pdb coder. (bsc#983794).
- CVE-2014-9828: Corrupted (too many colors) psd file (bsc#984028).
- CVE-2014-9805: SEGV due to a corrupted pnm file (bsc#983752).
- CVE-2014-9808: SEGV due to corrupted dpc images (bsc#983796).
- CVE-2014-9820: Heap overflow in xpm files (bsc#984150).
- CVE-2014-9839: Theoretical out of bound access in magick/colormap-private.h (bsc#984379).
- CVE-2014-9809: SEGV due to corrupted xwd images. (bsc#983799).
- CVE-2016-5240: SVG converting issue resulting in DoS (endless loop) (bsc#983309).
- CVE-2014-9840: Out of bound access in palm file (bsc#984433).
- CVE-2014-9847: Incorrect handling of 'previous' image in the JNG decoder (bsc#984144).
- CVE-2016-5241: Arithmetic exception (div by 0) in SVG conversion (bsc#983455).
- CVE-2014-9845: Crash due to corrupted dib file (bsc#984394).
- CVE-2014-9844: Out of bound issue in rle file (bsc#984373).
- CVE-2014-9835: Heap overflow in wpf file (bsc#984145).
- CVE-2014-9829: Out of bound access in sun file (bsc#984409).
- CVE-2014-9846: Added checks to prevent overflow in rle file. (bsc#983521).
- CVE-2016-2317: Multiple vulnerabilities when parsing and processing SVG files (bsc#965853).
- CVE-2016-2318: Multiple vulnerabilities when parsing and processing SVG files (bsc#965853).
Patchnames
sdksp4-GraphicsMagick-12644,slestso13-GraphicsMagick-12644
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for GraphicsMagick",
"title": "Title of the patch"
},
{
"category": "description",
"text": "GraphicsMagick was updated to fix 37 security issues.\n\nThese security issues were fixed:\n- CVE-2014-9810: SEGV in dpx file handler (bsc#983803).\n- CVE-2014-9811: Crash in xwd file handler (bsc#984032).\n- CVE-2014-9813: Crash on corrupted viff file (bsc#984035).\n- CVE-2014-9814: NULL pointer dereference in wpg file handling (bsc#984193).\n- CVE-2014-9815: Crash on corrupted wpg file (bsc#984372).\n- CVE-2014-9816: Out of bound access in viff image (bsc#984398).\n- CVE-2014-9817: Heap buffer overflow in pdb file handling (bsc#984400).\n- CVE-2014-9818: Out of bound access on malformed sun file (bsc#984181).\n- CVE-2014-9819: Heap overflow in palm files (bsc#984142).\n- CVE-2014-9830: Handling of corrupted sun file (bsc#984135).\n- CVE-2014-9831: Handling of corrupted wpg file (bsc#984375).\n- CVE-2014-9837: Additional PNM sanity checks (bsc#984166).\n- CVE-2014-9834: Heap overflow in pict file (bsc#984436).\n- CVE-2014-9853: Memory leak in rle file handling (bsc#984408).\n- CVE-2015-8903: Denial of service (cpu) in vicar (bsc#983259).\n- CVE-2015-8901: MIFF file DoS (endless loop) (bsc#983234).\n- CVE-2016-5688: Various invalid memory reads in ImageMagick WPG (bsc#985442).\n- CVE-2015-8894: Double free in coders/tga.c:221 (bsc#983523).\n- CVE-2015-8896: Double free / integer truncation issue in coders/pict.c:2000 (bsc#983533).\n- CVE-2014-9807: Double free in pdb coder. (bsc#983794).\n- CVE-2014-9828: Corrupted (too many colors) psd file (bsc#984028).\n- CVE-2014-9805: SEGV due to a corrupted pnm file (bsc#983752).\n- CVE-2014-9808: SEGV due to corrupted dpc images (bsc#983796).\n- CVE-2014-9820: Heap overflow in xpm files (bsc#984150).\n- CVE-2014-9839: Theoretical out of bound access in magick/colormap-private.h (bsc#984379).\n- CVE-2014-9809: SEGV due to corrupted xwd images. (bsc#983799).\n- CVE-2016-5240: SVG converting issue resulting in DoS (endless loop) (bsc#983309).\n- CVE-2014-9840: Out of bound access in palm file (bsc#984433).\n- CVE-2014-9847: Incorrect handling of \u0027previous\u0027 image in the JNG decoder (bsc#984144).\n- CVE-2016-5241: Arithmetic exception (div by 0) in SVG conversion (bsc#983455).\n- CVE-2014-9845: Crash due to corrupted dib file (bsc#984394).\n- CVE-2014-9844: Out of bound issue in rle file (bsc#984373).\n- CVE-2014-9835: Heap overflow in wpf file (bsc#984145).\n- CVE-2014-9829: Out of bound access in sun file (bsc#984409).\n- CVE-2014-9846: Added checks to prevent overflow in rle file. (bsc#983521).\n- CVE-2016-2317: Multiple vulnerabilities when parsing and processing SVG files (bsc#965853).\n- CVE-2016-2318: Multiple vulnerabilities when parsing and processing SVG files (bsc#965853).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sdksp4-GraphicsMagick-12644,slestso13-GraphicsMagick-12644",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_1783-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:1783-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20161783-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:1783-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-July/002152.html"
},
{
"category": "self",
"summary": "SUSE Bug 965853",
"url": "https://bugzilla.suse.com/965853"
},
{
"category": "self",
"summary": "SUSE Bug 983234",
"url": "https://bugzilla.suse.com/983234"
},
{
"category": "self",
"summary": "SUSE Bug 983259",
"url": "https://bugzilla.suse.com/983259"
},
{
"category": "self",
"summary": "SUSE Bug 983309",
"url": "https://bugzilla.suse.com/983309"
},
{
"category": "self",
"summary": "SUSE Bug 983455",
"url": "https://bugzilla.suse.com/983455"
},
{
"category": "self",
"summary": "SUSE Bug 983521",
"url": "https://bugzilla.suse.com/983521"
},
{
"category": "self",
"summary": "SUSE Bug 983523",
"url": "https://bugzilla.suse.com/983523"
},
{
"category": "self",
"summary": "SUSE Bug 983533",
"url": "https://bugzilla.suse.com/983533"
},
{
"category": "self",
"summary": "SUSE Bug 983752",
"url": "https://bugzilla.suse.com/983752"
},
{
"category": "self",
"summary": "SUSE Bug 983794",
"url": "https://bugzilla.suse.com/983794"
},
{
"category": "self",
"summary": "SUSE Bug 983796",
"url": "https://bugzilla.suse.com/983796"
},
{
"category": "self",
"summary": "SUSE Bug 983799",
"url": "https://bugzilla.suse.com/983799"
},
{
"category": "self",
"summary": "SUSE Bug 983803",
"url": "https://bugzilla.suse.com/983803"
},
{
"category": "self",
"summary": "SUSE Bug 984028",
"url": "https://bugzilla.suse.com/984028"
},
{
"category": "self",
"summary": "SUSE Bug 984032",
"url": "https://bugzilla.suse.com/984032"
},
{
"category": "self",
"summary": "SUSE Bug 984035",
"url": "https://bugzilla.suse.com/984035"
},
{
"category": "self",
"summary": "SUSE Bug 984135",
"url": "https://bugzilla.suse.com/984135"
},
{
"category": "self",
"summary": "SUSE Bug 984142",
"url": "https://bugzilla.suse.com/984142"
},
{
"category": "self",
"summary": "SUSE Bug 984144",
"url": "https://bugzilla.suse.com/984144"
},
{
"category": "self",
"summary": "SUSE Bug 984145",
"url": "https://bugzilla.suse.com/984145"
},
{
"category": "self",
"summary": "SUSE Bug 984150",
"url": "https://bugzilla.suse.com/984150"
},
{
"category": "self",
"summary": "SUSE Bug 984166",
"url": "https://bugzilla.suse.com/984166"
},
{
"category": "self",
"summary": "SUSE Bug 984181",
"url": "https://bugzilla.suse.com/984181"
},
{
"category": "self",
"summary": "SUSE Bug 984193",
"url": "https://bugzilla.suse.com/984193"
},
{
"category": "self",
"summary": "SUSE Bug 984372",
"url": "https://bugzilla.suse.com/984372"
},
{
"category": "self",
"summary": "SUSE Bug 984373",
"url": "https://bugzilla.suse.com/984373"
},
{
"category": "self",
"summary": "SUSE Bug 984375",
"url": "https://bugzilla.suse.com/984375"
},
{
"category": "self",
"summary": "SUSE Bug 984379",
"url": "https://bugzilla.suse.com/984379"
},
{
"category": "self",
"summary": "SUSE Bug 984394",
"url": "https://bugzilla.suse.com/984394"
},
{
"category": "self",
"summary": "SUSE Bug 984398",
"url": "https://bugzilla.suse.com/984398"
},
{
"category": "self",
"summary": "SUSE Bug 984400",
"url": "https://bugzilla.suse.com/984400"
},
{
"category": "self",
"summary": "SUSE Bug 984408",
"url": "https://bugzilla.suse.com/984408"
},
{
"category": "self",
"summary": "SUSE Bug 984409",
"url": "https://bugzilla.suse.com/984409"
},
{
"category": "self",
"summary": "SUSE Bug 984433",
"url": "https://bugzilla.suse.com/984433"
},
{
"category": "self",
"summary": "SUSE Bug 984436",
"url": "https://bugzilla.suse.com/984436"
},
{
"category": "self",
"summary": "SUSE Bug 985442",
"url": "https://bugzilla.suse.com/985442"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9805 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9807 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9808 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9808/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9809 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9810 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9811 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9811/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9813 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9813/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9814 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9815 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9816 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9817 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9817/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9818 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9818/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9819 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9820 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9828 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9829 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9830 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9831 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9834 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9835 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9837 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9837/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9839 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9840 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9844 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9845 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9845/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9846 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9847 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9847/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9853 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8894 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8896 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8896/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8901 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8903 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2317 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2317/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2318 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2318/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5240 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5240/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5241 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5241/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5688 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5688/"
}
],
"title": "Security update for GraphicsMagick",
"tracking": {
"current_release_date": "2016-07-11T10:12:26Z",
"generator": {
"date": "2016-07-11T10:12:26Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:1783-1",
"initial_release_date": "2016-07-11T10:12:26Z",
"revision_history": [
{
"date": "2016-07-11T10:12:26Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "GraphicsMagick-1.2.5-4.41.1.i586",
"product": {
"name": "GraphicsMagick-1.2.5-4.41.1.i586",
"product_id": "GraphicsMagick-1.2.5-4.41.1.i586"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick2-1.2.5-4.41.1.i586",
"product": {
"name": "libGraphicsMagick2-1.2.5-4.41.1.i586",
"product_id": "libGraphicsMagick2-1.2.5-4.41.1.i586"
}
},
{
"category": "product_version",
"name": "perl-GraphicsMagick-1.2.5-4.41.1.i586",
"product": {
"name": "perl-GraphicsMagick-1.2.5-4.41.1.i586",
"product_id": "perl-GraphicsMagick-1.2.5-4.41.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "GraphicsMagick-1.2.5-4.41.1.ia64",
"product": {
"name": "GraphicsMagick-1.2.5-4.41.1.ia64",
"product_id": "GraphicsMagick-1.2.5-4.41.1.ia64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick2-1.2.5-4.41.1.ia64",
"product": {
"name": "libGraphicsMagick2-1.2.5-4.41.1.ia64",
"product_id": "libGraphicsMagick2-1.2.5-4.41.1.ia64"
}
},
{
"category": "product_version",
"name": "perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"product": {
"name": "perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"product_id": "perl-GraphicsMagick-1.2.5-4.41.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "GraphicsMagick-1.2.5-4.41.1.ppc64",
"product": {
"name": "GraphicsMagick-1.2.5-4.41.1.ppc64",
"product_id": "GraphicsMagick-1.2.5-4.41.1.ppc64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"product": {
"name": "libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"product_id": "libGraphicsMagick2-1.2.5-4.41.1.ppc64"
}
},
{
"category": "product_version",
"name": "perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"product": {
"name": "perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"product_id": "perl-GraphicsMagick-1.2.5-4.41.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "GraphicsMagick-1.2.5-4.41.1.s390x",
"product": {
"name": "GraphicsMagick-1.2.5-4.41.1.s390x",
"product_id": "GraphicsMagick-1.2.5-4.41.1.s390x"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick2-1.2.5-4.41.1.s390x",
"product": {
"name": "libGraphicsMagick2-1.2.5-4.41.1.s390x",
"product_id": "libGraphicsMagick2-1.2.5-4.41.1.s390x"
}
},
{
"category": "product_version",
"name": "perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"product": {
"name": "perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"product_id": "perl-GraphicsMagick-1.2.5-4.41.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "GraphicsMagick-1.2.5-4.41.1.x86_64",
"product": {
"name": "GraphicsMagick-1.2.5-4.41.1.x86_64",
"product_id": "GraphicsMagick-1.2.5-4.41.1.x86_64"
}
},
{
"category": "product_version",
"name": "libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"product": {
"name": "libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"product_id": "libGraphicsMagick2-1.2.5-4.41.1.x86_64"
}
},
{
"category": "product_version",
"name": "perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"product": {
"name": "perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"product_id": "perl-GraphicsMagick-1.2.5-4.41.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/a:suse:sle-sdk:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Studio Onsite 1.3",
"product": {
"name": "SUSE Studio Onsite 1.3",
"product_id": "SUSE Studio Onsite 1.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-studioonsite:1.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-1.2.5-4.41.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586"
},
"product_reference": "GraphicsMagick-1.2.5-4.41.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-1.2.5-4.41.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64"
},
"product_reference": "GraphicsMagick-1.2.5-4.41.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-1.2.5-4.41.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64"
},
"product_reference": "GraphicsMagick-1.2.5-4.41.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-1.2.5-4.41.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x"
},
"product_reference": "GraphicsMagick-1.2.5-4.41.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-1.2.5-4.41.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64"
},
"product_reference": "GraphicsMagick-1.2.5-4.41.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick2-1.2.5-4.41.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586"
},
"product_reference": "libGraphicsMagick2-1.2.5-4.41.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick2-1.2.5-4.41.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64"
},
"product_reference": "libGraphicsMagick2-1.2.5-4.41.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick2-1.2.5-4.41.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64"
},
"product_reference": "libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick2-1.2.5-4.41.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x"
},
"product_reference": "libGraphicsMagick2-1.2.5-4.41.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick2-1.2.5-4.41.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
},
"product_reference": "libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-GraphicsMagick-1.2.5-4.41.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586"
},
"product_reference": "perl-GraphicsMagick-1.2.5-4.41.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-GraphicsMagick-1.2.5-4.41.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64"
},
"product_reference": "perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-GraphicsMagick-1.2.5-4.41.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64"
},
"product_reference": "perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-GraphicsMagick-1.2.5-4.41.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x"
},
"product_reference": "perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-GraphicsMagick-1.2.5-4.41.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64"
},
"product_reference": "perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "GraphicsMagick-1.2.5-4.41.1.x86_64 as component of SUSE Studio Onsite 1.3",
"product_id": "SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64"
},
"product_reference": "GraphicsMagick-1.2.5-4.41.1.x86_64",
"relates_to_product_reference": "SUSE Studio Onsite 1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libGraphicsMagick2-1.2.5-4.41.1.x86_64 as component of SUSE Studio Onsite 1.3",
"product_id": "SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
},
"product_reference": "libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"relates_to_product_reference": "SUSE Studio Onsite 1.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-9805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9805"
}
],
"notes": [
{
"category": "general",
"text": "ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9805",
"url": "https://www.suse.com/security/cve/CVE-2014-9805"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2014-9805",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 983752 for CVE-2014-9805",
"url": "https://bugzilla.suse.com/983752"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2014-9805"
},
{
"cve": "CVE-2014-9807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9807"
}
],
"notes": [
{
"category": "general",
"text": "The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9807",
"url": "https://www.suse.com/security/cve/CVE-2014-9807"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2014-9807",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 983794 for CVE-2014-9807",
"url": "https://bugzilla.suse.com/983794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2014-9807"
},
{
"cve": "CVE-2014-9808",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9808"
}
],
"notes": [
{
"category": "general",
"text": "ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted dpc image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9808",
"url": "https://www.suse.com/security/cve/CVE-2014-9808"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2014-9808",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 983796 for CVE-2014-9808",
"url": "https://bugzilla.suse.com/983796"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2014-9808"
},
{
"cve": "CVE-2014-9809",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9809"
}
],
"notes": [
{
"category": "general",
"text": "ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted xwd image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9809",
"url": "https://www.suse.com/security/cve/CVE-2014-9809"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2014-9809",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 983799 for CVE-2014-9809",
"url": "https://bugzilla.suse.com/983799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2014-9809"
},
{
"cve": "CVE-2014-9810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9810"
}
],
"notes": [
{
"category": "general",
"text": "The dpx file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed dpx file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9810",
"url": "https://www.suse.com/security/cve/CVE-2014-9810"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2014-9810",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 983803 for CVE-2014-9810",
"url": "https://bugzilla.suse.com/983803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2014-9810"
},
{
"cve": "CVE-2014-9811",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9811"
}
],
"notes": [
{
"category": "general",
"text": "The xwd file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed xwd file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9811",
"url": "https://www.suse.com/security/cve/CVE-2014-9811"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2014-9811",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 984032 for CVE-2014-9811",
"url": "https://bugzilla.suse.com/984032"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2014-9811"
},
{
"cve": "CVE-2014-9813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9813"
}
],
"notes": [
{
"category": "general",
"text": "ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted viff file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9813",
"url": "https://www.suse.com/security/cve/CVE-2014-9813"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2014-9813",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 984035 for CVE-2014-9813",
"url": "https://bugzilla.suse.com/984035"
},
{
"category": "external",
"summary": "SUSE Bug 984398 for CVE-2014-9813",
"url": "https://bugzilla.suse.com/984398"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2014-9813"
},
{
"cve": "CVE-2014-9814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9814"
}
],
"notes": [
{
"category": "general",
"text": "ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted wpg file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9814",
"url": "https://www.suse.com/security/cve/CVE-2014-9814"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2014-9814",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 984193 for CVE-2014-9814",
"url": "https://bugzilla.suse.com/984193"
},
{
"category": "external",
"summary": "SUSE Bug 984372 for CVE-2014-9814",
"url": "https://bugzilla.suse.com/984372"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2014-9814"
},
{
"cve": "CVE-2014-9815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9815"
}
],
"notes": [
{
"category": "general",
"text": "ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted wpg file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9815",
"url": "https://www.suse.com/security/cve/CVE-2014-9815"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2014-9815",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 984372 for CVE-2014-9815",
"url": "https://bugzilla.suse.com/984372"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2014-9815"
},
{
"cve": "CVE-2014-9816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9816"
}
],
"notes": [
{
"category": "general",
"text": "ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9816",
"url": "https://www.suse.com/security/cve/CVE-2014-9816"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2014-9816",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 984035 for CVE-2014-9816",
"url": "https://bugzilla.suse.com/984035"
},
{
"category": "external",
"summary": "SUSE Bug 984398 for CVE-2014-9816",
"url": "https://bugzilla.suse.com/984398"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2014-9816"
},
{
"cve": "CVE-2014-9817",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9817"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pdb file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9817",
"url": "https://www.suse.com/security/cve/CVE-2014-9817"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2014-9817",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 984400 for CVE-2014-9817",
"url": "https://bugzilla.suse.com/984400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2014-9817"
},
{
"cve": "CVE-2014-9818",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9818"
}
],
"notes": [
{
"category": "general",
"text": "ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a malformed sun file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9818",
"url": "https://www.suse.com/security/cve/CVE-2014-9818"
},
{
"category": "external",
"summary": "SUSE Bug 1000690 for CVE-2014-9818",
"url": "https://bugzilla.suse.com/1000690"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2014-9818",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 984181 for CVE-2014-9818",
"url": "https://bugzilla.suse.com/984181"
},
{
"category": "external",
"summary": "SUSE Bug 984186 for CVE-2014-9818",
"url": "https://bugzilla.suse.com/984186"
},
{
"category": "external",
"summary": "SUSE Bug 984409 for CVE-2014-9818",
"url": "https://bugzilla.suse.com/984409"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2014-9818"
},
{
"cve": "CVE-2014-9819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9819"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9823.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9819",
"url": "https://www.suse.com/security/cve/CVE-2014-9819"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2014-9819",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 984142 for CVE-2014-9819",
"url": "https://bugzilla.suse.com/984142"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2014-9819"
},
{
"cve": "CVE-2014-9820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9820"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pnm file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9820",
"url": "https://www.suse.com/security/cve/CVE-2014-9820"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2014-9820",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 984150 for CVE-2014-9820",
"url": "https://bugzilla.suse.com/984150"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2014-9820"
},
{
"cve": "CVE-2014-9828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9828"
}
],
"notes": [
{
"category": "general",
"text": "coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9828",
"url": "https://www.suse.com/security/cve/CVE-2014-9828"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2014-9828",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 984028 for CVE-2014-9828",
"url": "https://bugzilla.suse.com/984028"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2014-9828"
},
{
"cve": "CVE-2014-9829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9829"
}
],
"notes": [
{
"category": "general",
"text": "coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted sun file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9829",
"url": "https://www.suse.com/security/cve/CVE-2014-9829"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2014-9829",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 984409 for CVE-2014-9829",
"url": "https://bugzilla.suse.com/984409"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2014-9829"
},
{
"cve": "CVE-2014-9830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9830"
}
],
"notes": [
{
"category": "general",
"text": "coders/sun.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted sun file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9830",
"url": "https://www.suse.com/security/cve/CVE-2014-9830"
},
{
"category": "external",
"summary": "SUSE Bug 1000690 for CVE-2014-9830",
"url": "https://bugzilla.suse.com/1000690"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2014-9830",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 984135 for CVE-2014-9830",
"url": "https://bugzilla.suse.com/984135"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2014-9830"
},
{
"cve": "CVE-2014-9831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9831"
}
],
"notes": [
{
"category": "general",
"text": "coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted wpg file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9831",
"url": "https://www.suse.com/security/cve/CVE-2014-9831"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2014-9831",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 984375 for CVE-2014-9831",
"url": "https://bugzilla.suse.com/984375"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2014-9831"
},
{
"cve": "CVE-2014-9834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9834"
}
],
"notes": [
{
"category": "general",
"text": "Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9834",
"url": "https://www.suse.com/security/cve/CVE-2014-9834"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2014-9834",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 984436 for CVE-2014-9834",
"url": "https://bugzilla.suse.com/984436"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2014-9834"
},
{
"cve": "CVE-2014-9835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9835"
}
],
"notes": [
{
"category": "general",
"text": "Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9835",
"url": "https://www.suse.com/security/cve/CVE-2014-9835"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2014-9835",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 984145 for CVE-2014-9835",
"url": "https://bugzilla.suse.com/984145"
},
{
"category": "external",
"summary": "SUSE Bug 984375 for CVE-2014-9835",
"url": "https://bugzilla.suse.com/984375"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2014-9835"
},
{
"cve": "CVE-2014-9837",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9837"
}
],
"notes": [
{
"category": "general",
"text": "coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9837",
"url": "https://www.suse.com/security/cve/CVE-2014-9837"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2014-9837",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 984166 for CVE-2014-9837",
"url": "https://bugzilla.suse.com/984166"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2014-9837"
},
{
"cve": "CVE-2014-9839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9839"
}
],
"notes": [
{
"category": "general",
"text": "magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9839",
"url": "https://www.suse.com/security/cve/CVE-2014-9839"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2014-9839",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 984379 for CVE-2014-9839",
"url": "https://bugzilla.suse.com/984379"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2014-9839"
},
{
"cve": "CVE-2014-9840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9840"
}
],
"notes": [
{
"category": "general",
"text": "ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted palm file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9840",
"url": "https://www.suse.com/security/cve/CVE-2014-9840"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2014-9840",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 984433 for CVE-2014-9840",
"url": "https://bugzilla.suse.com/984433"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2014-9840"
},
{
"cve": "CVE-2014-9844",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9844"
}
],
"notes": [
{
"category": "general",
"text": "The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9844",
"url": "https://www.suse.com/security/cve/CVE-2014-9844"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2014-9844",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 984373 for CVE-2014-9844",
"url": "https://bugzilla.suse.com/984373"
},
{
"category": "external",
"summary": "SUSE Bug 984408 for CVE-2014-9844",
"url": "https://bugzilla.suse.com/984408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2014-9844"
},
{
"cve": "CVE-2014-9845",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9845"
}
],
"notes": [
{
"category": "general",
"text": "The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9845",
"url": "https://www.suse.com/security/cve/CVE-2014-9845"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2014-9845",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 984394 for CVE-2014-9845",
"url": "https://bugzilla.suse.com/984394"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2014-9845"
},
{
"cve": "CVE-2014-9846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9846"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9846",
"url": "https://www.suse.com/security/cve/CVE-2014-9846"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2014-9846",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 983521 for CVE-2014-9846",
"url": "https://bugzilla.suse.com/983521"
},
{
"category": "external",
"summary": "SUSE Bug 984408 for CVE-2014-9846",
"url": "https://bugzilla.suse.com/984408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2014-9846"
},
{
"cve": "CVE-2014-9847",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9847"
}
],
"notes": [
{
"category": "general",
"text": "The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9847",
"url": "https://www.suse.com/security/cve/CVE-2014-9847"
},
{
"category": "external",
"summary": "SUSE Bug 1040304 for CVE-2014-9847",
"url": "https://bugzilla.suse.com/1040304"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2014-9847",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 984144 for CVE-2014-9847",
"url": "https://bugzilla.suse.com/984144"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2014-9847"
},
{
"cve": "CVE-2014-9853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9853"
}
],
"notes": [
{
"category": "general",
"text": "Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9853",
"url": "https://www.suse.com/security/cve/CVE-2014-9853"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2014-9853",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 984408 for CVE-2014-9853",
"url": "https://bugzilla.suse.com/984408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2014-9853"
},
{
"cve": "CVE-2015-8894",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8894"
}
],
"notes": [
{
"category": "general",
"text": "Double free vulnerability in coders/tga.c in ImageMagick 7.0.0 and later allows remote attackers to cause a denial of service (application crash) via a crafted tga file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8894",
"url": "https://www.suse.com/security/cve/CVE-2015-8894"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2015-8894",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 983523 for CVE-2015-8894",
"url": "https://bugzilla.suse.com/983523"
},
{
"category": "external",
"summary": "SUSE Bug 983533 for CVE-2015-8894",
"url": "https://bugzilla.suse.com/983533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2015-8894"
},
{
"cve": "CVE-2015-8896",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8896"
}
],
"notes": [
{
"category": "general",
"text": "Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8896",
"url": "https://www.suse.com/security/cve/CVE-2015-8896"
},
{
"category": "external",
"summary": "SUSE Bug 982969 for CVE-2015-8896",
"url": "https://bugzilla.suse.com/982969"
},
{
"category": "external",
"summary": "SUSE Bug 983533 for CVE-2015-8896",
"url": "https://bugzilla.suse.com/983533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2015-8896"
},
{
"cve": "CVE-2015-8901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8901"
}
],
"notes": [
{
"category": "general",
"text": "ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8901",
"url": "https://www.suse.com/security/cve/CVE-2015-8901"
},
{
"category": "external",
"summary": "SUSE Bug 983234 for CVE-2015-8901",
"url": "https://bugzilla.suse.com/983234"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2015-8901"
},
{
"cve": "CVE-2015-8903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8903"
}
],
"notes": [
{
"category": "general",
"text": "The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8903",
"url": "https://www.suse.com/security/cve/CVE-2015-8903"
},
{
"category": "external",
"summary": "SUSE Bug 983259 for CVE-2015-8903",
"url": "https://bugzilla.suse.com/983259"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "important"
}
],
"title": "CVE-2015-8903"
},
{
"cve": "CVE-2016-2317",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2317"
}
],
"notes": [
{
"category": "general",
"text": "Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2317",
"url": "https://www.suse.com/security/cve/CVE-2016-2317"
},
{
"category": "external",
"summary": "SUSE Bug 965853 for CVE-2016-2317",
"url": "https://bugzilla.suse.com/965853"
},
{
"category": "external",
"summary": "SUSE Bug 999673 for CVE-2016-2317",
"url": "https://bugzilla.suse.com/999673"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-2317"
},
{
"cve": "CVE-2016-2318",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2318"
}
],
"notes": [
{
"category": "general",
"text": "GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2318",
"url": "https://www.suse.com/security/cve/CVE-2016-2318"
},
{
"category": "external",
"summary": "SUSE Bug 1047356 for CVE-2016-2318",
"url": "https://bugzilla.suse.com/1047356"
},
{
"category": "external",
"summary": "SUSE Bug 965853 for CVE-2016-2318",
"url": "https://bugzilla.suse.com/965853"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-2318"
},
{
"cve": "CVE-2016-5240",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5240"
}
],
"notes": [
{
"category": "general",
"text": "The DrawDashPolygon function in magick/render.c in GraphicsMagick before 1.3.24 and the SVG renderer in ImageMagick allow remote attackers to cause a denial of service (infinite loop) by converting a circularly defined SVG file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5240",
"url": "https://www.suse.com/security/cve/CVE-2016-5240"
},
{
"category": "external",
"summary": "SUSE Bug 983309 for CVE-2016-5240",
"url": "https://bugzilla.suse.com/983309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-5240"
},
{
"cve": "CVE-2016-5241",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5241"
}
],
"notes": [
{
"category": "general",
"text": "magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5241",
"url": "https://www.suse.com/security/cve/CVE-2016-5241"
},
{
"category": "external",
"summary": "SUSE Bug 983455 for CVE-2016-5241",
"url": "https://bugzilla.suse.com/983455"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-5241"
},
{
"cve": "CVE-2016-5688",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5688"
}
],
"notes": [
{
"category": "general",
"text": "The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex function or an invalid write operation in the (2) ScaleCharToQuantum or (3) SetPixelIndex functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5688",
"url": "https://www.suse.com/security/cve/CVE-2016-5688"
},
{
"category": "external",
"summary": "SUSE Bug 985442 for CVE-2016-5688",
"url": "https://bugzilla.suse.com/985442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libGraphicsMagick2-1.2.5-4.41.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:perl-GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:GraphicsMagick-1.2.5-4.41.1.x86_64",
"SUSE Studio Onsite 1.3:libGraphicsMagick2-1.2.5-4.41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-07-11T10:12:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-5688"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…