SB2017052205 - Multiple vulnerabilities in ImageMagick
Published: May 22, 2017 Updated: May 30, 2017
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 18 vulnerabilities.
1) Memory leak (CVE-ID: CVE-2017-8346)
CWE-ID: CWE-401 - Missing release of memory after effective lifetime
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote unauthenticated attacker to cause DoS conditions on the target system.
The weakness exists due to memory leak in ReadDCMImage function in dcm.c when handling malicious files. A remote attacker can send a specially crafted image file, trigger boundary error and cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
2) Improper input validation (CVE-ID: CVE-2017-9144)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect EOF handling when processing a specially crafted RLE image in coders/rle.c in ImageMagick 7.0.5-5. A remote attacker can create a specially crafted file and perform denial of service attack.
3) Memory leak (CVE-ID: CVE-2017-9143)
CWE-ID: CWE-401 - Missing release of memory after effective lifetime
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within ImageMagick 7.0.5-5, the ReadARTImage function in coders/art.c. A remote attacker can create a specially crafted .art file and perform a denial of service attack.
4) Memory leak (CVE-ID: CVE-2017-8765)
CWE-ID: CWE-401 - Missing release of memory after effective lifetime
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The function named ReadICONImage in codersicon.c in ImageMagick 7.0.5-5 has being found susceptible to a memory leak. A remote attacker can create a specially crafted ICON file and perform a denial of service attack.
5) Memory leak (CVE-ID: CVE-2017-8357)
CWE-ID: CWE-401 - Missing release of memory after effective lifetime
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within ImageMagick 7.0.5-5, the ReadEPTImage function in ept.c. A remote attacker can create a specially crafted file and perform a denial of service attack.
6) Memory leak (CVE-ID: CVE-2017-8356)
CWE-ID: CWE-401 - Missing release of memory after effective lifetime
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within ImageMagick 7.0.5-5, the ReadSUNImage function in sun.c. A remote attacker can create a specially crafted file and perform a denial of service attack.
7) Memory leak (CVE-ID: CVE-2017-8355)
CWE-ID: CWE-401 - Missing release of memory after effective lifetime
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within ImageMagick 7.0.5-5, the ReadMTVImage function in mtv.c. A remote attacker can create a specially crafted file and perform a denial of service attack.
8) Memory leak (CVE-ID: CVE-2017-8354)
CWE-ID: CWE-401 - Missing release of memory after effective lifetime
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within ImageMagick 7.0.5-5, the ReadBMPImage function in bmp.c. A remote attacker can create a specially crafted file and perform a denial of service attack.
9) Memory leak (CVE-ID: CVE-2017-8353)
CWE-ID: CWE-401 - Missing release of memory after effective lifetime
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within ImageMagick 7.0.5-5, the ReadPICTImage function in pict.c. A remote attacker can create a specially crafted file and perform a denial of service attack.
10) Memory leak (CVE-ID: CVE-2017-8352)
CWE-ID: CWE-401 - Missing release of memory after effective lifetime
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within ImageMagick 7.0.5-5, the ReadXWDImage function in xwd.c. A remote attacker can create a specially crafted file and perform a denial of service attack.
11) Memory leak (CVE-ID: CVE-2017-8351)
CWE-ID: CWE-401 - Missing release of memory after effective lifetime
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within ImageMagick 7.0.5-5, the ReadPCDImage function in pcd.c. A remote attacker can create a specially crafted file and perform a denial of service attack.
12) Memory leak (CVE-ID: CVE-2017-8350)
CWE-ID: CWE-401 - Missing release of memory after effective lifetime
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within ImageMagick 7.0.5-5, the ReadJNGImage function in png.c. A remote attacker can create a specially crafted file and perform a denial of service attack.
13) Memory leak (CVE-ID: CVE-2017-8349)
CWE-ID: CWE-401 - Missing release of memory after effective lifetime
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ReadSFWImage function in sfw.c in ImageMagick 7.0.5-5. A remote attacker can create a specially crafted file and perform a denial of service attack.
14) Memory leak (CVE-ID: CVE-2017-8348)
CWE-ID: CWE-401 - Missing release of memory after effective lifetime
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ReadMATImage function in mat.c in ImageMagick 7.0.5-5. A remote attacker can create a specially crafted file and perform a denial of service attack.
15) Memory leak (CVE-ID: CVE-2017-8347)
CWE-ID: CWE-401 - Missing release of memory after effective lifetime
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ReadEXRImage function in exr.c in ImageMagick 7.0.5-5. A remote attacker can create a specially crafted file and perform a denial of service attack.
16) Memory leak (CVE-ID: CVE-2017-8345)
CWE-ID: CWE-401 - Missing release of memory after effective lifetime
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ReadMNGImage function in png.c in ImageMagick 7.0.5-5. A remote attacker can create a specially crafted file and perform a denial of service attack.
17) Memory leak (CVE-ID: CVE-2017-8344)
CWE-ID: CWE-401 - Missing release of memory after effective lifetime
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ReadPCXImage function in pcx.c in ImageMagick 7.0.5-5. A remote attacker can create a specially crafted file and perform a denial of service attack.
18) Memory leak (CVE-ID: CVE-2017-8343)
CWE-ID: CWE-401 - Missing release of memory after effective lifetime
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ReadAAIImage function in aai.c in ImageMagick 7.0.5-5. A remote attacker can create a specially crafted file and perform a denial of service attack.
Remediation
Install update from vendor's website.
References
- https://github.com/ImageMagick/ImageMagick/issues/440
- https://github.com/ImageMagick/ImageMagick/commit/7fdf9ea808caa3c81a0eb42656e5fafc59084198
- https://github.com/ImageMagick/ImageMagick/commit/7b8c1df65b25d6671f113e2306982eded44ce3b4
- https://github.com/ImageMagick/ImageMagick/issues/456
- https://github.com/ImageMagick/ImageMagick/issues/466
- https://github.com/ImageMagick/ImageMagick/issues/453
- https://github.com/ImageMagick/ImageMagick/issues/449
- https://github.com/ImageMagick/ImageMagick/issues/450
- https://github.com/ImageMagick/ImageMagick/issues/451
- https://github.com/ImageMagick/ImageMagick/issues/454
- https://github.com/ImageMagick/ImageMagick/issues/452
- https://github.com/ImageMagick/ImageMagick/issues/448
- https://github.com/ImageMagick/ImageMagick/issues/447
- https://github.com/ImageMagick/ImageMagick/issues/443
- https://github.com/ImageMagick/ImageMagick/issues/445
- https://github.com/ImageMagick/ImageMagick/issues/441
- https://github.com/ImageMagick/ImageMagick/issues/442
- https://github.com/ImageMagick/ImageMagick/issues/446
- https://github.com/ImageMagick/ImageMagick/issues/444