Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2019.13993.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2019:13993-1)
Summary:The remote host is missing an update for the 'ImageMagick' package(s) announced via the SUSE-SU-2019:13993-1 advisory.
Description:Summary:
The remote host is missing an update for the 'ImageMagick' package(s) announced via the SUSE-SU-2019:13993-1 advisory.

Vulnerability Insight:
This update for ImageMagick fixes the following issues:

Security issues fixed:
CVE-2019-7175: Fixed multiple memory leaks in DecodeImage function
(bsc#1128649).

CVE-2018-18544: Fixed memory leak in the function WriteMSLImage
(bsc#1113064).

CVE-2018-20467: Fixed infinite loop in coders/bmp.c (bsc#1120381).

CVE-2019-7397: Fixed a memory leak in the function WritePDFImage
(bsc#1124366).

CVE-2018-16413: Prevent heap-based buffer over-read in the
PushShortPixel function leading to DoS (bsc#1106989).

CVE-2018-16412: Prevent heap-based buffer over-read in the
ParseImageResourceBlocks function leading to DOS (bsc#1106996).

CVE-2019-7398: Fixed a memory leak in the function WriteDIBImage
(bsc#1124365).

Affected Software/OS:
'ImageMagick' package(s) on SUSE Linux Enterprise Software Development Kit 11-SP4, SUSE Linux Enterprise Server 11-SP4, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2019-7175
Debian Security Information: DSA-4712 (Google Search)
https://www.debian.org/security/2020/dsa-4712
https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae
https://github.com/ImageMagick/ImageMagick/issues/1450
SuSE Security Announcement: openSUSE-SU-2019:1141 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html
SuSE Security Announcement: openSUSE-SU-2019:1320 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html
https://usn.ubuntu.com/4034-1/
Common Vulnerability Exposure (CVE) ID: CVE-2019-7397
BugTraq ID: 106847
http://www.securityfocus.com/bid/106847
http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1
https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82
https://github.com/ImageMagick/ImageMagick/issues/1454
Common Vulnerability Exposure (CVE) ID: CVE-2019-7398
BugTraq ID: 106848
http://www.securityfocus.com/bid/106848
https://github.com/ImageMagick/ImageMagick/issues/1453
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.