Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2019.2106.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2019:2106-1)
Summary:The remote host is missing an update for the 'ImageMagick' package(s) announced via the SUSE-SU-2019:2106-1 advisory.
Description:Summary:
The remote host is missing an update for the 'ImageMagick' package(s) announced via the SUSE-SU-2019:2106-1 advisory.

Vulnerability Insight:
This update for ImageMagick fixes the following issues:
CVE-2019-13301: Fixed a memory leak in AcquireMagickMemory()
(bsc#1140554).

CVE-2019-13309: Fixed a memory leak at AcquireMagickMemory due to
mishandling the NoSuchImage error in CLIListOperatorImages (bsc#1140520).

CVE-2019-13310: Fixed a memory leak at AcquireMagickMemory because of an
error in MagickWand/mogrify.c (bsc#1140501).

CVE-2019-13311: Fixed a memory leak at AcquireMagickMemory because of a
wand/mogrify.c error (bsc#1140513).

CVE-2019-13303: Fixed a heap-based buffer over-read in
MagickCore/composite.c in CompositeImage (bsc#1140549).

CVE-2019-13296: Fixed a memory leak in AcquireMagickMemory because of an
error in CLIListOperatorImages in MagickWand/operation.c (bsc#1140665).

CVE-2019-13299: Fixed a heap-based buffer over-read at
MagickCore/pixel-accessor.h in GetPixelChannel (bsc#1140668).

CVE-2019-13454: Fixed a division by zero in RemoveDuplicateLayers in
MagickCore/layer.c (bsc#1141171).

CVE-2019-13295: Fixed a heap-based buffer over-read at
MagickCore/threshold.c in AdaptiveThresholdImage (bsc#1140664).

CVE-2019-13297: Fixed a heap-based buffer over-read at
MagickCore/threshold.c in AdaptiveThresholdImage (bsc#1140666).

CVE-2019-12979: Fixed the use of uninitialized values in
SyncImageSettings() (bsc#1139886).

CVE-2019-13391: Fixed a heap-based buffer over-read in
MagickCore/fourier.c (bsc#1140673).

CVE-2019-13308: Fixed a heap-based buffer overflow in
MagickCore/fourier.c (bsc#1140534).

CVE-2019-13302: Fixed a heap-based buffer over-read in
MagickCore/fourier.c in ComplexImages (bsc#1140552).

CVE-2019-13298: Fixed a heap-based buffer overflow at
MagickCore/pixel-accessor.h in SetPixelViaPixelInfo (bsc#1140667).

CVE-2019-13300: Fixed a heap-based buffer overflow at
MagickCore/statistic.c in EvaluateImages (bsc#1140669).

CVE-2019-13307: Fixed a heap-based buffer overflow at
MagickCore/statistic.c (bsc#1140538).

CVE-2019-12977: Fixed the use of uninitialized values in WriteJP2Imag()
(bsc#1139884).

CVE-2019-12975: Fixed a memory leak in the WriteDPXImage() in
coders/dpx.c (bsc#1140106).

CVE-2019-13135: Fixed the use of uninitialized values in ReadCUTImage()
(bsc#1140103).

CVE-2019-12978: Fixed the use of uninitialized values in
ReadPANGOImage() (bsc#1139885).

CVE-2019-12974: Fixed a NULL pointer dereference in the ReadPANGOImage()
(bsc#1140111).

CVE-2019-13304: Fixed a stack-based buffer overflow at coders/pnm.c in
WritePNMImage (bsc#1140547).

CVE-2019-13305: Fixed one more stack-based buffer overflow at
coders/pnm.c in WritePNMImage (bsc#1140545).

CVE-2019-13306: Fixed an additional stack-based buffer overflow at
coders/pnm.c in WritePNMImage (bsc#1140543).

CVE-2019-13133: Fixed a memory leak in the ReadBMPImage() (bsc#1140100).

CVE-2019-13134: Fixed a memory leak in the ReadVIFFImage() (bsc#1140102).

CVE-2019-13137: Fixed a memory leak in the ReadPSI... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'ImageMagick' package(s) on SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1, SUSE Linux Enterprise Module for Open Buildservice Development Tools 15, SUSE Linux Enterprise Module for Development Tools 15-SP1, SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Module for Desktop Applications 15-SP1, SUSE Linux Enterprise Module for Desktop Applications 15

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2019-12974
Common Vulnerability Exposure (CVE) ID: CVE-2019-12975
Common Vulnerability Exposure (CVE) ID: CVE-2019-12976
Common Vulnerability Exposure (CVE) ID: CVE-2019-12977
Common Vulnerability Exposure (CVE) ID: CVE-2019-12978
Common Vulnerability Exposure (CVE) ID: CVE-2019-12979
Common Vulnerability Exposure (CVE) ID: CVE-2019-13133
Common Vulnerability Exposure (CVE) ID: CVE-2019-13134
Common Vulnerability Exposure (CVE) ID: CVE-2019-13135
Common Vulnerability Exposure (CVE) ID: CVE-2019-13136
Common Vulnerability Exposure (CVE) ID: CVE-2019-13137
Common Vulnerability Exposure (CVE) ID: CVE-2019-13295
Common Vulnerability Exposure (CVE) ID: CVE-2019-13296
Common Vulnerability Exposure (CVE) ID: CVE-2019-13297
Common Vulnerability Exposure (CVE) ID: CVE-2019-13298
Common Vulnerability Exposure (CVE) ID: CVE-2019-13299
Common Vulnerability Exposure (CVE) ID: CVE-2019-13300
Common Vulnerability Exposure (CVE) ID: CVE-2019-13301
Common Vulnerability Exposure (CVE) ID: CVE-2019-13302
Common Vulnerability Exposure (CVE) ID: CVE-2019-13303
Common Vulnerability Exposure (CVE) ID: CVE-2019-13304
Common Vulnerability Exposure (CVE) ID: CVE-2019-13305
Common Vulnerability Exposure (CVE) ID: CVE-2019-13306
Common Vulnerability Exposure (CVE) ID: CVE-2019-13307
Common Vulnerability Exposure (CVE) ID: CVE-2019-13308
Common Vulnerability Exposure (CVE) ID: CVE-2019-13309
Common Vulnerability Exposure (CVE) ID: CVE-2019-13310
Common Vulnerability Exposure (CVE) ID: CVE-2019-13311
Common Vulnerability Exposure (CVE) ID: CVE-2019-13391
Common Vulnerability Exposure (CVE) ID: CVE-2019-13454
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.