#VU34941 Out-of-bounds write in GraphicsMagick


Published: 2019-12-24 | Updated: 2020-08-08

Vulnerability identifier: #VU34941

Vulnerability risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-19951

CWE-ID: CWE-787

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
GraphicsMagick
Universal components / Libraries / Libraries used by multiple products

Vendor: GraphicsMagick Group

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c.

Mitigation
Install update from vendor's website.

Vulnerable software versions

GraphicsMagick: 1.4

External links
http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/bc99af93614d
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00026.html
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00064.html
http://lists.debian.org/debian-lts-announce/2020/01/msg00029.html
http://sourceforge.net/p/graphicsmagick/bugs/608/
http://www.debian.org/security/2020/dsa-4640

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Debian update for graphicsmagick
OpenSUSE Linux update for GraphicsMagick
OpenSUSE Linux update for GraphicsMagick
Multiple vulnerabilities in GraphicsMagick