SB2017083004 - Multiple vulnerabilities in ImageMagick

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Heap-based buffer overflow (CVE-ID: CVE-2017-13758)

The vulnerability allows a remote attacker can execute arbitrary code on the target system.

The weakness exists due to heap-based buffer overflow in TracePoint() in 'MagickCore/draw.c' when handling malicious content. A remote attacker can send a specially crafted file, trick the victim into loading it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability may result in system compromise.

2) Resource exhaustion (CVE-ID: CVE-2017-12691)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the ReadOneLayer function in coders/xcf.c due to memory consumption. A remote attacker can submit a specially crafted file, trick the victim into opening it, trigger memory corruption and cause the service to crash.

3) Memory leak (CVE-ID: CVE-2017-14343)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in ReadXCFImage in coders/xcf.c via due to memory leak. A remote attacker can trick the victim into opening a specially crafted crafted xcf image file and cause the service to crash.

Remediation

Install update from vendor's website.

References

• https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32583
• https://github.com/ImageMagick/ImageMagick/commit/ef6cee1bcf144b7c9285787920361a53296e7907
• https://github.com/ImageMagick/ImageMagick/issues/656
• https://github.com/ImageMagick/ImageMagick/issues/649