Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2019.0739.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2019:0739-1)
Summary:The remote host is missing an update for the 'ImageMagick' package(s) announced via the SUSE-SU-2019:0739-1 advisory.
Description:Summary:
The remote host is missing an update for the 'ImageMagick' package(s) announced via the SUSE-SU-2019:0739-1 advisory.

Vulnerability Insight:
This update for ImageMagick fixes the following issues:

Security issues fixed:
CVE-2019-7175: Fixed multiple memory leaks in DecodeImage function
(bsc#1128649).

CVE-2018-18544: Fixed a memory leak in the function WriteMSLImage
(bsc#1113064).

CVE-2018-20467: Fixed an infinite loop in coders/bmp.c (bsc#1120381).

CVE-2019-7398: Fixed a memory leak in the function WriteDIBImage
(bsc#1124365).

CVE-2019-7396: Fixed a memory leak in the function ReadSIXELImage
(bsc#1124367).

CVE-2019-7395: Fixed a memory leak in the function WritePSDChannel
(bsc#1124368).

CVE-2019-7397: Fixed a memory leak in the function WritePDFImage
(bsc#1124366).

CVE-2018-16412: Prevent heap-based buffer over-read in the
ParseImageResourceBlocks function leading to DOS (bsc#1106996).

Non-security issue fixed:
Fixed a regression in regards to the 'edge' comand line flag
(bsc#1106415)

Affected Software/OS:
'ImageMagick' package(s) on SUSE Linux Enterprise Module for Open Buildservice Development Tools 15, SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Module for Desktop Applications 15

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2019-7175
Debian Security Information: DSA-4712 (Google Search)
https://www.debian.org/security/2020/dsa-4712
https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae
https://github.com/ImageMagick/ImageMagick/issues/1450
SuSE Security Announcement: openSUSE-SU-2019:1141 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html
SuSE Security Announcement: openSUSE-SU-2019:1320 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html
https://usn.ubuntu.com/4034-1/
Common Vulnerability Exposure (CVE) ID: CVE-2019-7395
BugTraq ID: 106850
http://www.securityfocus.com/bid/106850
https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06
https://github.com/ImageMagick/ImageMagick/issues/1451
Common Vulnerability Exposure (CVE) ID: CVE-2019-7396
BugTraq ID: 106849
http://www.securityfocus.com/bid/106849
https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce
https://github.com/ImageMagick/ImageMagick/issues/1452
Common Vulnerability Exposure (CVE) ID: CVE-2019-7397
BugTraq ID: 106847
http://www.securityfocus.com/bid/106847
http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1
https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82
https://github.com/ImageMagick/ImageMagick/issues/1454
Common Vulnerability Exposure (CVE) ID: CVE-2019-7398
BugTraq ID: 106848
http://www.securityfocus.com/bid/106848
https://github.com/ImageMagick/ImageMagick/issues/1453
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.