SB2018031613 - Multiple vulnerabilities in ImageMagick
Published: March 16, 2018
Description
This security bulletin contains information about 10 security vulnerabilities.
1) Improper input validation (CVE-ID: CVE-2017-11524)
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The weakness exists due to an assertion failure when processing input data. A remote attacker can send a specially crafted file and cause the service to crash.
2) Resource exhaustion (CVE-ID: CVE-2017-12692)
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The weakness exists in the ReadVIFFImage function in coders/viff.c due to memory consumption. A remote attacker can trick the victim into opening a specially crafted VIFF file, trigger resource exhaustion and cause the service to crash.
3) Resource exhaustion (CVE-ID: CVE-2017-12693)
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The weakness exists in the ReadBMPImage function in coders/bmp.c due to memory consumption. A remote attacker can trick the victim into opening a specially crafted BMP file, trigger resource exhaustion and cause the service to crash.
4) NULL pointer dereference (CVE-ID: CVE-2017-13768)
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The weakness exists in the IdentifyImage function in MagickCore/identify.c due to a NULL pointer dereference. A remote attacker can trick the victim into opening a specially crafted image file and cause the service to crash.
5) NULL pointer dereference (CVE-ID: CVE-2017-14505)
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The weakness exists in DrawGetStrokeDashArray in wand/drawing-wand.c due to mishandling of certain NULL arrays. A remote attacker can trick the victim into opening a specially crafted image file, trigger a NULL pointer dereference and cause the service to crash.
6) NULL pointer dereference (CVE-ID: CVE-2017-14739)
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The weakness exists in the AcquireResampleFilterThreadSet function in magick/resample-private.h due to mishandling of a failed memory allocation. A remote attacker can trigger a NULL pointer dereference and cause the service to crash.
7) NULL pointer dereference (CVE-ID: CVE-2017-15016)
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The weakness exists in ReadEnhMetaFile in coders/emf.c due to a NULL pointer dereference. A remote attacker can cause the service to crash.
8) NULL pointer dereference (CVE-ID: CVE-2017-15017)
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The weakness exists in ReadOneMNGImage in coders/png.c due to a NULL pointer dereference. A remote attacker can cause the service to crash.
9) Improper input validation (CVE-ID: CVE-2017-9500)
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The weakness exists in the ResetImageProfileIterator function due to an assertion failure. A remote attacker can trick the victim into opening a specially crafted file and cause the service to crash.
10) Double free error (CVE-ID: CVE-2018-8804)
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The weakness exists in WriteEPTImage in coders/ept.c due to a double free error. A remote attacker can trick the victim into opening a specially crafted file and cause the service to crash.
Remediation
Install the update from the vendor's website.
References
- https://github.com/ImageMagick/ImageMagick/issues/506
- https://github.com/ImageMagick/ImageMagick/issues/653
- https://github.com/ImageMagick/ImageMagick/issues/652
- https://github.com/ImageMagick/ImageMagick/issues/706
- https://github.com/ImageMagick/ImageMagick/issues/780
- https://github.com/ImageMagick/ImageMagick/issues/725
- https://github.com/ImageMagick/ImageMagick/issues/723
- https://github.com/ImageMagick/ImageMagick/issues/500
- https://github.com/ImageMagick/ImageMagick/issues/1025