 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.892523 |
| Category: | Debian Local Security Checks |
| Title: | Debian: Security Advisory (DLA-2523-1) |
| Summary: | The remote host is missing an update for the Debian 'imagemagick' package(s) announced via the DLA-2523-1 advisory. |
| Description: | Summary: The remote host is missing an update for the Debian 'imagemagick' package(s) announced via the DLA-2523-1 advisory. Vulnerability Insight: Several security vulnerabilities were found in ImageMagick, a suite of image manipulation programs. An attacker could cause denial of service and execution of arbitrary code when a crafted image file is processed. CVE-2017-14528 The TIFFSetProfiles function in coders/tiff.c has incorrect expectations about whether LibTIFF TIFFGetField return values imply that data validation has occurred, which allows remote attackers to cause a denial of service (use-after-free after an invalid call to TIFFSetField, and application crash) via a crafted file. CVE-2020-19667 Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c CVE-2020-25665 The PALM image coder at coders/palm.c makes an improper call to AcquireQuantumMemory() in routine WritePALMImage() because it needs to be offset by 256. This can cause a out-of-bounds read later on in the routine. This could cause impact to reliability. CVE-2020-25674 WriteOnePNGImage() from coders/png.c (the PNG coder) has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. This occurs because it is possible for the colormap to have less than 256 valid values but the loop condition will loop 256 times, attempting to pass invalid colormap data to the event logger. CVE-2020-27560 ImageMagick allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which may cause a denial of service. CVE-2020-27750 A flaw was found in MagickCore/colorspace-private.h and MagickCore/quantum.h. An attacker who submits a crafted file that is processedcould trigger undefined behavior in the form of values outside the range of type `unsigned char` and math division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. CVE-2020-27760 In `GammaImage()` of /MagickCore/enhance.c, depending on the `gamma` value, it's possible to trigger a divide-by-zero condition when a crafted input file is processed by ImageMagick. This could lead to an impact to application availability. CVE-2020-27763 A flaw was found in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. CVE-2020-27765 A flaw was found in MagickCore/segment.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. CVE-2020-27773 A flaw was found in MagickCore/gem-private.h. An attacker who submits a crafted file that is processed by ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'imagemagick' package(s) on Debian 9. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2017-14528 BugTraq ID: 100875 http://www.securityfocus.com/bid/100875 http://bugzilla.maptools.org/show_bug.cgi?id=2730 https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32560 https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html Common Vulnerability Exposure (CVE) ID: CVE-2020-19667 https://github.com/ImageMagick/ImageMagick/issues/1895 https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html Common Vulnerability Exposure (CVE) ID: CVE-2020-25665 https://bugzilla.redhat.com/show_bug.cgi?id=1891606 Common Vulnerability Exposure (CVE) ID: CVE-2020-25674 https://bugzilla.redhat.com/show_bug.cgi?id=1891928 Common Vulnerability Exposure (CVE) ID: CVE-2020-27560 https://github.com/ImageMagick/ImageMagick/commit/ef59bd764f88d893f1219fee8ba696a5d3f8c1c4 SuSE Security Announcement: openSUSE-SU-2020:1884 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00037.html Common Vulnerability Exposure (CVE) ID: CVE-2020-27750 https://bugzilla.redhat.com/show_bug.cgi?id=1891984 Common Vulnerability Exposure (CVE) ID: CVE-2020-27760 https://bugzilla.redhat.com/show_bug.cgi?id=1894239 Common Vulnerability Exposure (CVE) ID: CVE-2020-27763 https://bugzilla.redhat.com/show_bug.cgi?id=1894682 Common Vulnerability Exposure (CVE) ID: CVE-2020-27765 https://bugzilla.redhat.com/show_bug.cgi?id=1894684 Common Vulnerability Exposure (CVE) ID: CVE-2020-27773 https://bugzilla.redhat.com/show_bug.cgi?id=1898295 Common Vulnerability Exposure (CVE) ID: CVE-2020-29599 https://security.gentoo.org/glsa/202101-36 https://github.com/ImageMagick/ImageMagick/discussions/2851 https://insert-script.blogspot.com/2020/11/imagemagick-shell-injection-via-pdf.html |
| Copyright | Copyright (C) 2021 Greenbone AG |
| This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |