SB2017033016 - Multiple vulnerabilities in ImageMagick




Published: March 30, 2017 Updated: December 8, 2020

Security Bulletin ID: SB2017033016
Severity: Medium
Patch available: YES
Number of vulnerabilities: 25
Exploitation vector: Remote access
Highest impact: Code execution

Breakdown by Severity

Medium 100%

Description

This security bulletin contains information about 25 security vulnerabilities.


1) Out-of-bounds read (CVE-ID: CVE-2016-7523)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.


2) Out-of-bounds read (CVE-ID: CVE-2016-7524)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.


3) Out-of-bounds read (CVE-ID: CVE-2014-9829)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted sun file.


4) Input validation error (CVE-ID: CVE-2014-9804)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

vision.c in ImageMagick allows remote attackers to cause a denial of service (infinite loop) via vectors related to "too many object." CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') (http://cwe.mitre.org/data/definitions/835.html)


5) Input validation error (CVE-ID: CVE-2014-9805)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file.


6) Input validation error (CVE-ID: CVE-2014-9806)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

ImageMagick allows remote attackers to cause a denial of service (file descriptor consumption) via a crafted file.


7) Double Free (CVE-ID: CVE-2014-9807)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via unspecified vectors.


8) Input validation error (CVE-ID: CVE-2014-9808)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted dpc image.


9) Input validation error (CVE-ID: CVE-2014-9809)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted xwd image.


10) Input validation error (CVE-ID: CVE-2014-9810)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The dpx file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed dpx file.


11) Input validation error (CVE-ID: CVE-2014-9811)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The xwd file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed xwd file.


12) NULL pointer dereference (CVE-ID: CVE-2014-9812)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trigger denial of service conditions via a crafted ps file.


13) Input validation error (CVE-ID: CVE-2014-9813)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted viff file.


14) NULL pointer dereference (CVE-ID: CVE-2014-9814)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trigger denial of service conditions via a crafted wpg file.


15) Input validation error (CVE-ID: CVE-2014-9815)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted wpg file.


16) Out-of-bounds read (CVE-ID: CVE-2014-9816)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff file.


17) Heap-based buffer overflow (CVE-ID: CVE-2014-9817)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in ImageMagick. A remote attacker can use a crafted pdb file to trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


18) Out-of-bounds read (CVE-ID: CVE-2014-9818)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a malformed sun file.


19) Heap-based buffer overflow (CVE-ID: CVE-2014-9819)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in ImageMagick. A remote attacker can use a crafted palm file to trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


20) Heap-based buffer overflow (CVE-ID: CVE-2014-9820)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in ImageMagick. A remote attacker can use a crafted pnm file to trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


21) Heap-based buffer overflow (CVE-ID: CVE-2014-9821)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in ImageMagick. A remote attacker can use a crafted xpm file to trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


22) Heap-based buffer overflow (CVE-ID: CVE-2014-9822)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in ImageMagick. A remote attacker can use a crafted quantum file to trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


23) Heap-based buffer overflow (CVE-ID: CVE-2014-9823)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in ImageMagick. A remote attacker can use a crafted palm file to trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


24) Heap-based buffer overflow (CVE-ID: CVE-2014-9824)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in ImageMagick. A remote attacker can use a crafted psd file to trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


25) Heap-based buffer overflow (CVE-ID: CVE-2014-9825)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in ImageMagick. A remote attacker can use a crafted psd file to trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


Remediation

Install the update from the vendor's website.
