ID CVE-2017-13058 Type cve Reporter cve@mitre.org Modified 2019-10-03T00:03:00
Description
In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allows attackers to cause a denial of service via a crafted file.
{"openvas": [{"lastseen": "2020-01-31T17:34:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-18024", "CVE-2018-12600", "CVE-2018-17965", "CVE-2018-12599", "CVE-2018-18016", "CVE-2017-13058", "CVE-2018-17966"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2018-10-19T00:00:00", "id": "OPENVAS:1361412562310851942", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851942", "type": "openvas", "title": "openSUSE: Security Advisory for ImageMagick (openSUSE-SU-2018:3225-1)", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851942\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-10-19 06:28:33 +0200 (Fri, 19 Oct 2018)\");\n script_cve_id(\"CVE-2017-13058\", \"CVE-2018-12599\", \"CVE-2018-12600\", \"CVE-2018-17965\", \"CVE-2018-17966\", \"CVE-2018-18016\", \"CVE-2018-18024\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for ImageMagick (openSUSE-SU-2018:3225-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ImageMagick'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for ImageMagick fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-18024: Fixed an infinite loop in the ReadBMPImage function of\n the coders/bmp.c file. Remote attackers could leverage this\n vulnerability to cause a denial of service via a crafted bmp file.\n (bsc#1111069)\n\n - CVE-2018-18016: Fixed a memory leak in WritePCXImage (bsc#1111072).\n\n - CVE-2018-17965: Fixed a memory leak in WriteSGIImage (bsc#1110747).\n\n - CVE-2018-17966: Fixed a memory leak in WritePDBImage (bsc#1110746).\n\n - CVE-2018-12600: ReadDIBImage and WriteDIBImage allowed attackers to\n cause an out of bounds write via a crafted file. (bsc#1098545)\n\n - CVE-2018-12599: ReadBMPImage and WriteBMPImage allowed attackers to\n cause an out of bounds write via a crafted file. (bsc#1098546)\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2018-1197=1\");\n\n script_tag(name:\"affected\", value:\"ImageMagick on openSUSE Leap 42.3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:3225-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-10/msg00040.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick\", rpm:\"ImageMagick~6.8.8.1~73.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-debuginfo\", rpm:\"ImageMagick-debuginfo~6.8.8.1~73.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-debugsource\", rpm:\"ImageMagick-debugsource~6.8.8.1~73.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-devel\", rpm:\"ImageMagick-devel~6.8.8.1~73.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-extra\", rpm:\"ImageMagick-extra~6.8.8.1~73.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-extra-debuginfo\", rpm:\"ImageMagick-extra-debuginfo~6.8.8.1~73.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libMagick++-6_Q16-3\", rpm:\"libMagick++-6_Q16-3~6.8.8.1~73.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libMagick++-6_Q16-3-debuginfo\", rpm:\"libMagick++-6_Q16-3-debuginfo~6.8.8.1~73.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libMagick++-devel\", rpm:\"libMagick++-devel~6.8.8.1~73.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libMagickCore-6_Q16-1\", rpm:\"libMagickCore-6_Q16-1~6.8.8.1~73.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libMagickCore-6_Q16-1-debuginfo\", rpm:\"libMagickCore-6_Q16-1-debuginfo~6.8.8.1~73.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libMagickWand-6_Q16-1\", rpm:\"libMagickWand-6_Q16-1~6.8.8.1~73.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libMagickWand-6_Q16-1-debuginfo\", rpm:\"libMagickWand-6_Q16-1-debuginfo~6.8.8.1~73.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perl-PerlMagick\", rpm:\"perl-PerlMagick~6.8.8.1~73.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perl-PerlMagick-debuginfo\", rpm:\"perl-PerlMagick-debuginfo~6.8.8.1~73.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-devel-32bit\", rpm:\"ImageMagick-devel-32bit~6.8.8.1~73.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libMagick++-6_Q16-3-32bit\", rpm:\"libMagick++-6_Q16-3-32bit~6.8.8.1~73.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libMagick++-6_Q16-3-debuginfo-32bit\", rpm:\"libMagick++-6_Q16-3-debuginfo-32bit~6.8.8.1~73.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libMagick++-devel-32bit\", rpm:\"libMagick++-devel-32bit~6.8.8.1~73.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libMagickCore-6_Q16-1-32bit\", rpm:\"libMagickCore-6_Q16-1-32bit~6.8.8.1~73.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libMagickCore-6_Q16-1-debuginfo-32bit\", rpm:\"libMagickCore-6_Q16-1-debuginfo-32bit~6.8.8.1~73.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libMagickWand-6_Q16-1-32bit\", rpm:\"libMagickWand-6_Q16-1-32bit~6.8.8.1~73.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libMagickWand-6_Q16-1-debuginfo-32bit\", rpm:\"libMagickWand-6_Q16-1-debuginfo-32bit~6.8.8.1~73.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-doc\", rpm:\"ImageMagick-doc~6.8.8.1~73.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:23", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-13142", "CVE-2017-17680", "CVE-2017-17884", "CVE-2017-11533", "CVE-2017-14343", "CVE-2017-14531", "CVE-2017-15277", "CVE-2017-14175", "CVE-2017-12418", "CVE-2017-14060", "CVE-2017-11639", "CVE-2017-14224", "CVE-2017-14684", "CVE-2018-11251", "CVE-2017-13060", "CVE-2017-17887", "CVE-2017-12674", "CVE-2017-13144", "CVE-2017-17882", "CVE-2017-14325", "CVE-2017-1000445", "CVE-2018-11655", "CVE-2017-12640", "CVE-2017-13758", "CVE-2017-1000476", "CVE-2017-13143", "CVE-2017-14626", "CVE-2017-14624", "CVE-2017-12587", "CVE-2017-11537", "CVE-2018-7443", "CVE-2017-18252", "CVE-2017-12691", "CVE-2017-12983", "CVE-2017-15015", "CVE-2018-9133", "CVE-2018-6405", "CVE-2017-12643", "CVE-2017-15032", "CVE-2017-12433", "CVE-2017-13139", "CVE-2017-12430", "CVE-2017-14532", "CVE-2018-5357", "CVE-2017-14533", "CVE-2017-18251", "CVE-2017-15033", "CVE-2017-14172", "CVE-2018-10177", "CVE-2018-5248", "CVE-2017-15218", "CVE-2017-12877", "CVE-2017-15017", "CVE-2018-11625", "CVE-2017-16546", "CVE-2017-17879", "CVE-2017-17682", "CVE-2017-18022", "CVE-2017-13768", "CVE-2017-14989", "CVE-2017-17681", "CVE-2018-10804", "CVE-2017-14326", "CVE-2017-12692", "CVE-2017-14625", "CVE-2017-17504", "CVE-2017-13131", "CVE-2018-5246", "CVE-2017-14173", "CVE-2017-13058", "CVE-2017-12644", "CVE-2017-18008", "CVE-2017-14607", "CVE-2017-17885", "CVE-2017-15217", "CVE-2017-13062", "CVE-2017-13061", "CVE-2017-14505", "CVE-2017-18029", "CVE-2017-14400", "CVE-2017-18271", "CVE-2018-10805", "CVE-2017-11352", "CVE-2017-14341", "CVE-2017-18028", "CVE-2017-12693", "CVE-2018-5247", "CVE-2017-12140", "CVE-2017-13059", "CVE-2017-12563", "CVE-2017-15281", "CVE-2018-11656", "CVE-2017-18273", "CVE-2017-10995", "CVE-2018-8804", "CVE-2017-12432", "CVE-2017-14682", "CVE-2017-13134", "CVE-2017-18027", "CVE-2017-13769", "CVE-2017-17934", "CVE-2017-18254", "CVE-2017-18209", "CVE-2017-17914", "CVE-2018-5358", "CVE-2017-12431", "CVE-2017-12670", "CVE-2017-17499", "CVE-2017-12875", "CVE-2018-8960", "CVE-2017-14741", "CVE-2017-15016", "CVE-2017-17881", "CVE-2017-18211", "CVE-2017-12435", "CVE-2017-14739", "CVE-2017-11640", "CVE-2017-14249", "CVE-2017-11535", "CVE-2017-14174", "CVE-2017-12429", "CVE-2017-14342", "CVE-2017-17886", "CVE-2017-13145"], "description": "The remote host is missing an update for the ", "modified": "2019-03-18T00:00:00", "published": "2018-06-13T00:00:00", "id": "OPENVAS:1361412562310843556", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843556", "type": "openvas", "title": "Ubuntu Update for imagemagick USN-3681-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3681_1.nasl 14288 2019-03-18 16:34:17Z cfischer $\n#\n# Ubuntu Update for imagemagick USN-3681-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843556\");\n script_version(\"$Revision: 14288 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 17:34:17 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-06-13 05:45:46 +0200 (Wed, 13 Jun 2018)\");\n script_cve_id(\"CVE-2017-1000445\", \"CVE-2017-1000476\", \"CVE-2017-10995\", \"CVE-2018-6405\",\n \"CVE-2017-11352\", \"CVE-2017-11533\", \"CVE-2017-11535\", \"CVE-2017-11537\",\n \"CVE-2017-11639\", \"CVE-2017-11640\", \"CVE-2017-12140\", \"CVE-2017-12418\",\n \"CVE-2017-12429\", \"CVE-2017-12430\", \"CVE-2017-12431\", \"CVE-2017-12432\",\n \"CVE-2017-12433\", \"CVE-2017-12435\", \"CVE-2017-12563\", \"CVE-2017-12587\",\n \"CVE-2017-12640\", \"CVE-2017-12643\", \"CVE-2017-12644\", \"CVE-2017-12670\",\n \"CVE-2017-12674\", \"CVE-2017-12691\", \"CVE-2017-12692\", \"CVE-2017-12693\",\n \"CVE-2017-12875\", \"CVE-2017-12877\", \"CVE-2017-12983\", \"CVE-2017-13058\",\n \"CVE-2017-13059\", \"CVE-2017-13060\", \"CVE-2017-13061\", \"CVE-2017-13062\",\n \"CVE-2017-13131\", \"CVE-2017-13134\", \"CVE-2017-13139\", \"CVE-2017-13142\",\n \"CVE-2017-13143\", \"CVE-2017-13144\", \"CVE-2017-13145\", \"CVE-2017-13758\",\n \"CVE-2017-13768\", \"CVE-2017-13769\", \"CVE-2017-14060\", \"CVE-2017-14172\",\n \"CVE-2017-14173\", \"CVE-2017-14174\", \"CVE-2017-14175\", \"CVE-2017-14224\",\n \"CVE-2017-14249\", \"CVE-2017-14325\", \"CVE-2017-14326\", \"CVE-2017-14341\",\n \"CVE-2017-14342\", \"CVE-2017-14343\", \"CVE-2017-14400\", \"CVE-2017-14505\",\n \"CVE-2017-14531\", \"CVE-2017-14532\", \"CVE-2017-14533\", \"CVE-2017-14607\",\n \"CVE-2017-14624\", \"CVE-2017-14625\", \"CVE-2017-14626\", \"CVE-2017-14682\",\n \"CVE-2017-14684\", \"CVE-2017-14739\", \"CVE-2017-14741\", \"CVE-2017-14989\",\n \"CVE-2017-15015\", \"CVE-2017-15016\", \"CVE-2017-15017\", \"CVE-2017-15032\",\n \"CVE-2017-15033\", \"CVE-2017-15217\", \"CVE-2017-15218\", \"CVE-2017-15277\",\n \"CVE-2017-15281\", \"CVE-2017-16546\", \"CVE-2017-17499\", \"CVE-2017-17504\",\n \"CVE-2017-17680\", \"CVE-2017-17681\", \"CVE-2017-17682\", \"CVE-2017-17879\",\n \"CVE-2017-17881\", \"CVE-2017-17882\", \"CVE-2017-17884\", \"CVE-2017-17885\",\n \"CVE-2017-17886\", \"CVE-2017-17887\", \"CVE-2017-17914\", \"CVE-2017-17934\",\n \"CVE-2017-18008\", \"CVE-2017-18022\", \"CVE-2017-18027\", \"CVE-2017-18028\",\n \"CVE-2017-18029\", \"CVE-2017-18209\", \"CVE-2017-18211\", \"CVE-2017-18251\",\n \"CVE-2017-18252\", \"CVE-2017-18254\", \"CVE-2017-18271\", \"CVE-2017-18273\",\n \"CVE-2018-10177\", \"CVE-2018-10804\", \"CVE-2018-10805\", \"CVE-2018-11251\",\n \"CVE-2018-11625\", \"CVE-2018-11655\", \"CVE-2018-11656\", \"CVE-2018-5246\",\n \"CVE-2018-5247\", \"CVE-2018-5248\", \"CVE-2018-5357\", \"CVE-2018-5358\",\n \"CVE-2018-7443\", \"CVE-2018-8804\", \"CVE-2018-8960\", \"CVE-2018-9133\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for imagemagick USN-3681-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'imagemagick'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on\nthe target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that ImageMagick incorrectly\nhandled certain malformed image files. If a user or automated system using ImageMagick\nwere tricked into opening a specially crafted image, an attacker could exploit this to\ncause a denial of service or possibly execute code with the privileges of\nthe user invoking the program.\");\n script_tag(name:\"affected\", value:\"imagemagick on Ubuntu 18.04 LTS,\n Ubuntu 17.10,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"USN\", value:\"3681-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3681-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|17\\.10|18\\.04 LTS|16\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"imagemagick\", ver:\"8:6.7.7.10-6ubuntu3.11\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagick++5\", ver:\"8:6.7.7.10-6ubuntu3.11\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagickcore5\", ver:\"8:6.7.7.10-6ubuntu3.11\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagickcore5-extra\", ver:\"8:6.7.7.10-6ubuntu3.11\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU17.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"imagemagick\", ver:\"8:6.9.7.4+dfsg-16ubuntu2.2\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"imagemagick-6.q16\", ver:\"8:6.9.7.4+dfsg-16ubuntu2.2\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagick++-6.q16-7\", ver:\"8:6.9.7.4+dfsg-16ubuntu2.2\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-3\", ver:\"8:6.9.7.4+dfsg-16ubuntu2.2\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-3-extra\", ver:\"8:6.9.7.4+dfsg-16ubuntu2.2\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU18.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"imagemagick\", ver:\"8:6.9.7.4+dfsg-16ubuntu6.2\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"imagemagick-6.q16\", ver:\"8:6.9.7.4+dfsg-16ubuntu6.2\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagick++-6.q16-7\", ver:\"8:6.9.7.4+dfsg-16ubuntu6.2\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-3\", ver:\"8:6.9.7.4+dfsg-16ubuntu6.2\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-3-extra\", ver:\"8:6.9.7.4+dfsg-16ubuntu6.2\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"imagemagick\", ver:\"8:6.8.9.9-7ubuntu5.11\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"imagemagick-6.q16\", ver:\"8:6.8.9.9-7ubuntu5.11\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagick++-6.q16-5v5\", ver:\"8:6.8.9.9-7ubuntu5.11\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-2\", ver:\"8:6.8.9.9-7ubuntu5.11\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-2-extra\", ver:\"8:6.8.9.9-7ubuntu5.11\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "nessus": [{"lastseen": "2021-01-01T06:14:28", "description": "This update for ImageMagick fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-18024: Fixed an infinite loop in the ReadBMPImage function of\nthe coders/bmp.c file. Remote attackers could leverage this\nvulnerability to cause a denial of service via a crafted bmp file.\n(bsc#1111069)\n\nCVE-2018-18016: Fixed a memory leak in WritePCXImage (bsc#1111072).\n\nCVE-2018-17965: Fixed a memory leak in WriteSGIImage (bsc#1110747).\n\nCVE-2018-17966: Fixed a memory leak in WritePDBImage (bsc#1110746).\n\nCVE-2018-12600: ReadDIBImage and WriteDIBImage allowed attackers to\ncause an out of bounds write via a crafted file. (bsc#1098545)\n\nCVE-2018-12599: ReadBMPImage and WriteBMPImage allowed attackers to\ncause an out of bounds write via a crafted file. (bsc#1098546)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 20, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-10-18T00:00:00", "title": "SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2018:3191-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-18024", "CVE-2018-12600", "CVE-2018-17965", "CVE-2018-12599", "CVE-2018-18016", "CVE-2017-13058", "CVE-2018-17966"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:ImageMagick-debugsource", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:ImageMagick", "p-cpe:/a:novell:suse_linux:libMagick++-6_Q16", "p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16", "p-cpe:/a:novell:suse_linux:ImageMagick-debuginfo", "p-cpe:/a:novell:suse_linux:libMagickWand-6_Q16-1-debuginfo", "p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16-1", "p-cpe:/a:novell:suse_linux:libMagickWand-6_Q16", "p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16-1-debuginfo", "p-cpe:/a:novell:suse_linux:libMagick++-6_Q16-3-debuginfo"], "id": "SUSE_SU-2018-3191-1.NASL", "href": "https://www.tenable.com/plugins/nessus/118198", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:3191-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118198);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/09/10 13:51:49\");\n\n script_cve_id(\"CVE-2017-13058\", \"CVE-2018-12599\", \"CVE-2018-12600\", \"CVE-2018-17965\", \"CVE-2018-17966\", \"CVE-2018-18016\", \"CVE-2018-18024\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2018:3191-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ImageMagick fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-18024: Fixed an infinite loop in the ReadBMPImage function of\nthe coders/bmp.c file. Remote attackers could leverage this\nvulnerability to cause a denial of service via a crafted bmp file.\n(bsc#1111069)\n\nCVE-2018-18016: Fixed a memory leak in WritePCXImage (bsc#1111072).\n\nCVE-2018-17965: Fixed a memory leak in WriteSGIImage (bsc#1110747).\n\nCVE-2018-17966: Fixed a memory leak in WritePDBImage (bsc#1110746).\n\nCVE-2018-12600: ReadDIBImage and WriteDIBImage allowed attackers to\ncause an out of bounds write via a crafted file. (bsc#1098545)\n\nCVE-2018-12599: ReadBMPImage and WriteBMPImage allowed attackers to\ncause an out of bounds write via a crafted file. (bsc#1098546)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1098545\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1098546\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1110746\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1110747\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111069\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111072\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13058/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-12599/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-12600/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-17965/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-17966/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-18016/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-18024/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20183191-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1753ab6e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP3:zypper in -t patch\nSUSE-SLE-WE-12-SP3-2018-2287=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-2287=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-2287=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-2287=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ImageMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ImageMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ImageMagick-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagick++-6_Q16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagick++-6_Q16-3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16-1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickWand-6_Q16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickWand-6_Q16-1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/08/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"ImageMagick-debuginfo-6.8.8.1-71.82.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"ImageMagick-debugsource-6.8.8.1-71.82.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libMagickCore-6_Q16-1-6.8.8.1-71.82.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libMagickCore-6_Q16-1-debuginfo-6.8.8.1-71.82.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libMagickWand-6_Q16-1-6.8.8.1-71.82.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libMagickWand-6_Q16-1-debuginfo-6.8.8.1-71.82.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"ImageMagick-6.8.8.1-71.82.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"ImageMagick-debuginfo-6.8.8.1-71.82.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"ImageMagick-debugsource-6.8.8.1-71.82.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-3-6.8.8.1-71.82.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-3-debuginfo-6.8.8.1-71.82.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-32bit-6.8.8.1-71.82.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-6.8.8.1-71.82.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-71.82.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-debuginfo-6.8.8.1-71.82.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-6.8.8.1-71.82.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-debuginfo-6.8.8.1-71.82.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T12:34:19", "description": "This update for ImageMagick fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-18024: Fixed an infinite loop in the\n ReadBMPImage function of the coders/bmp.c file. Remote\n attackers could leverage this vulnerability to cause a\n denial of service via a crafted bmp file. (bsc#1111069)\n\n - CVE-2018-18016: Fixed a memory leak in WritePCXImage\n (bsc#1111072).\n\n - CVE-2018-17965: Fixed a memory leak in WriteSGIImage\n (bsc#1110747).\n\n - CVE-2018-17966: Fixed a memory leak in WritePDBImage\n (bsc#1110746).\n\n - CVE-2018-12600: ReadDIBImage and WriteDIBImage allowed\n attackers to cause an out of bounds write via a crafted\n file. (bsc#1098545)\n\n - CVE-2018-12599: ReadBMPImage and WriteBMPImage allowed\n attackers to cause an out of bounds write via a crafted\n file. (bsc#1098546)\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "edition": 14, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-10-19T00:00:00", "title": "openSUSE Security Update : ImageMagick (openSUSE-2018-1197)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-18024", "CVE-2018-12600", "CVE-2018-17965", "CVE-2018-12599", "CVE-2018-18016", "CVE-2017-13058", "CVE-2018-17966"], "modified": "2018-10-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:perl-PerlMagick-debuginfo", "p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1", "p-cpe:/a:novell:opensuse:ImageMagick-debuginfo", "p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1", "p-cpe:/a:novell:opensuse:ImageMagick-devel-32bit", "p-cpe:/a:novell:opensuse:libMagick++-6_Q16-3-32bit", "p-cpe:/a:novell:opensuse:ImageMagick-devel", "p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1-debuginfo", "p-cpe:/a:novell:opensuse:ImageMagick-extra", "p-cpe:/a:novell:opensuse:ImageMagick-debugsource", "p-cpe:/a:novell:opensuse:ImageMagick-extra-debuginfo", "p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1-debuginfo-32bit", "p-cpe:/a:novell:opensuse:ImageMagick", "p-cpe:/a:novell:opensuse:libMagick++-6_Q16-3-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1-32bit", "cpe:/o:novell:opensuse:42.3", "p-cpe:/a:novell:opensuse:libMagick++-6_Q16-3", "p-cpe:/a:novell:opensuse:libMagick++-6_Q16-3-debuginfo", "p-cpe:/a:novell:opensuse:libMagick++-devel-32bit", "p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1-debuginfo", "p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1-32bit", "p-cpe:/a:novell:opensuse:perl-PerlMagick", "p-cpe:/a:novell:opensuse:libMagick++-devel"], "id": "OPENSUSE-2018-1197.NASL", "href": "https://www.tenable.com/plugins/nessus/118219", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-1197.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(118219);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-13058\", \"CVE-2018-12599\", \"CVE-2018-12600\", \"CVE-2018-17965\", \"CVE-2018-17966\", \"CVE-2018-18016\", \"CVE-2018-18024\");\n\n script_name(english:\"openSUSE Security Update : ImageMagick (openSUSE-2018-1197)\");\n script_summary(english:\"Check for the openSUSE-2018-1197 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ImageMagick fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-18024: Fixed an infinite loop in the\n ReadBMPImage function of the coders/bmp.c file. Remote\n attackers could leverage this vulnerability to cause a\n denial of service via a crafted bmp file. (bsc#1111069)\n\n - CVE-2018-18016: Fixed a memory leak in WritePCXImage\n (bsc#1111072).\n\n - CVE-2018-17965: Fixed a memory leak in WriteSGIImage\n (bsc#1110747).\n\n - CVE-2018-17966: Fixed a memory leak in WritePDBImage\n (bsc#1110746).\n\n - CVE-2018-12600: ReadDIBImage and WriteDIBImage allowed\n attackers to cause an out of bounds write via a crafted\n file. (bsc#1098545)\n\n - CVE-2018-12599: ReadBMPImage and WriteBMPImage allowed\n attackers to cause an out of bounds write via a crafted\n file. (bsc#1098546)\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1098545\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1098546\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1110746\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1110747\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111069\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111072\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ImageMagick packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-6_Q16-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-6_Q16-3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-6_Q16-3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-6_Q16-3-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-PerlMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-PerlMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"ImageMagick-6.8.8.1-73.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"ImageMagick-debuginfo-6.8.8.1-73.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"ImageMagick-debugsource-6.8.8.1-73.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"ImageMagick-devel-6.8.8.1-73.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"ImageMagick-extra-6.8.8.1-73.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"ImageMagick-extra-debuginfo-6.8.8.1-73.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libMagick++-6_Q16-3-6.8.8.1-73.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libMagick++-6_Q16-3-debuginfo-6.8.8.1-73.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libMagick++-devel-6.8.8.1-73.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libMagickCore-6_Q16-1-6.8.8.1-73.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libMagickCore-6_Q16-1-debuginfo-6.8.8.1-73.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libMagickWand-6_Q16-1-6.8.8.1-73.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libMagickWand-6_Q16-1-debuginfo-6.8.8.1-73.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"perl-PerlMagick-6.8.8.1-73.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"perl-PerlMagick-debuginfo-6.8.8.1-73.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"ImageMagick-devel-32bit-6.8.8.1-73.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-3-32bit-6.8.8.1-73.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-3-debuginfo-32bit-6.8.8.1-73.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libMagick++-devel-32bit-6.8.8.1-73.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-32bit-6.8.8.1-73.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-73.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-32bit-6.8.8.1-73.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-debuginfo-32bit-6.8.8.1-73.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick / ImageMagick-debuginfo / ImageMagick-debugsource / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T14:51:09", "description": "This update for ImageMagick fixes the following issues :\n\n - CVE-2017-9407: In ImageMagick, the ReadPALMImage\n function in palm.c allowed attackers to cause a denial\n of service (memory leak) via a crafted file.\n (bsc#1042824)\n\n - CVE-2017-11448: The ReadJPEGImage function in\n coders/jpeg.c in ImageMagick allowed remote attackers to\n obtain sensitive information from uninitialized memory\n locations via a crafted file. (bsc#1049375)\n\n - CVE-2017-11450: A remote denial of service in\n coders/jpeg.c was fixed (bsc#1049374)\n\n - CVE-2017-11537: When ImageMagick processed a crafted\n file in convert, it can lead to a Floating Point\n Exception (FPE) in the WritePALMImage() function in\n coders/palm.c, related to an incorrect bits-per-pixel\n calculation. (bsc#1050048)\n\n - CVE-2017-12418: ImageMagick had memory leaks in the\n parse8BIMW and format8BIM functions in coders/meta.c,\n related to the WriteImage function in\n MagickCore/constitute.c. (bsc#1052207)\n\n - CVE-2017-12432: In ImageMagick, a memory exhaustion\n vulnerability was found in the function ReadPCXImage in\n coders/pcx.c, which allowed attackers to cause a denial\n of service. (bsc#1052254)\n\n - CVE-2017-12654: The ReadPICTImage function in\n coders/pict.c in ImageMagick allowed attackers to cause\n a denial of service (memory leak) via a crafted file.\n (bsc#1052761)\n\n - CVE-2017-12664: ImageMagick had a memory leak\n vulnerability in WritePALMImage in coders/palm.c.\n (bsc#1052750)\n\n - CVE-2017-12665: ImageMagick had a memory leak\n vulnerability in WritePICTImage in coders/pict.c.\n (bsc#1052747)\n\n - CVE-2017-12668: ImageMagick had a memory leak\n vulnerability in WritePCXImage in coders/pcx.c.\n (bsc#1052688)\n\n - CVE-2017-13058: In ImageMagick, a memory leak\n vulnerability was found in the function WritePCXImage in\n coders/pcx.c, which allowed attackers to cause a denial\n of service via a crafted file. (bsc#1055069)\n\n - CVE-2017-14224: A heap-based buffer overflow in\n WritePCXImage in coders/pcx.c could lead to denial of\n service or code execution. (bsc#1058009)\n\n - CVE-2017-17885: In ImageMagick, a memory leak\n vulnerability was found in the function ReadPICTImage in\n coders/pict.c, which allowed attackers to cause a denial\n of service via a crafted PICT image file. (bsc#1074119)\n\n - CVE-2017-18028: A memory exhaustion in the function\n ReadTIFFImage in coders/tiff.c was fixed. (bsc#1076182)\n\n - CVE-2018-6405: In the ReadDCMImage function in\n coders/dcm.c in ImageMagick, each redmap, greenmap, and\n bluemap variable can be overwritten by a new pointer.\n The previous pointer is lost, which leads to a memory\n leak. This allowed remote attackers to cause a denial of\n service. (bsc#1078433)\n\n - CVE-2017-12427: ProcessMSLScript coders/msl.c allowed\n remote attackers to cause a DoS (bsc#1052248)\n\n - CVE-2017-12566: A memory leak in ReadMVGImage in\n coders/mvg.c, could have allowed attackers to cause DoS\n (bsc#1052472)\n\n - CVE-2017-11638, CVE-2017-11642: A NULL pointer\n dereference in theWriteMAPImage() in coders/map.c was\n fixed which could lead to a crash (bsc#1050617)\n\n - CVE-2017-13131: A memory leak vulnerability was found in\n thefunction ReadMIFFImage in coders/miff.c, which\n allowed attackers tocause a denial of service (memory\n consumption in NewL (bsc#1055229)\n\n - CVE-2017-11166: In ReadXWDImage in coders\\xwd.c a\n memoryleak could have caused memory exhaustion via a\n crafted length (bsc#1048110)\n\n - CVE-2017-12674: A CPU exhaustion in ReadPDBImage in\n coders/pdb.c was fixed, which allowed attackers to cause\n DoS (bsc#1052711)\n\n - CVE-2017-12429: A memory exhaustion flaw in\n ReadMIFFImage in coders/miff.c was fixed, which allowed\n attackers to cause DoS (bsc#1052251)\n\n - CVE-2017-11637: A NULL pointer dereference in\n WritePCLImage() in coders/pcl.c was fixed which could\n lead to a crash (bsc#1050669)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 21, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-02-21T00:00:00", "title": "SUSE SLES11 Security Update : ImageMagick (SUSE-SU-2018:0486-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-11448", "CVE-2017-12418", "CVE-2017-14224", "CVE-2017-12674", "CVE-2017-11537", "CVE-2018-6405", "CVE-2017-12664", "CVE-2017-11638", "CVE-2017-13131", "CVE-2017-13058", "CVE-2017-17885", "CVE-2017-11166", "CVE-2017-12566", "CVE-2017-18028", "CVE-2017-12432", "CVE-2017-9407", "CVE-2017-11642", "CVE-2017-11450", "CVE-2017-12668", "CVE-2017-11637", "CVE-2017-12427", "CVE-2017-12654", "CVE-2017-12665", "CVE-2017-12429"], "modified": "2018-02-21T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:libMagickCore1"], "id": "SUSE_SU-2018-0486-1.NASL", "href": "https://www.tenable.com/plugins/nessus/106926", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:0486-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106926);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-11166\", \"CVE-2017-11448\", \"CVE-2017-11450\", \"CVE-2017-11537\", \"CVE-2017-11637\", \"CVE-2017-11638\", \"CVE-2017-11642\", \"CVE-2017-12418\", \"CVE-2017-12427\", \"CVE-2017-12429\", \"CVE-2017-12432\", \"CVE-2017-12566\", \"CVE-2017-12654\", \"CVE-2017-12664\", \"CVE-2017-12665\", \"CVE-2017-12668\", \"CVE-2017-12674\", \"CVE-2017-13058\", \"CVE-2017-13131\", \"CVE-2017-14224\", \"CVE-2017-17885\", \"CVE-2017-18028\", \"CVE-2017-9407\", \"CVE-2018-6405\");\n\n script_name(english:\"SUSE SLES11 Security Update : ImageMagick (SUSE-SU-2018:0486-1)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ImageMagick fixes the following issues :\n\n - CVE-2017-9407: In ImageMagick, the ReadPALMImage\n function in palm.c allowed attackers to cause a denial\n of service (memory leak) via a crafted file.\n (bsc#1042824)\n\n - CVE-2017-11448: The ReadJPEGImage function in\n coders/jpeg.c in ImageMagick allowed remote attackers to\n obtain sensitive information from uninitialized memory\n locations via a crafted file. (bsc#1049375)\n\n - CVE-2017-11450: A remote denial of service in\n coders/jpeg.c was fixed (bsc#1049374)\n\n - CVE-2017-11537: When ImageMagick processed a crafted\n file in convert, it can lead to a Floating Point\n Exception (FPE) in the WritePALMImage() function in\n coders/palm.c, related to an incorrect bits-per-pixel\n calculation. (bsc#1050048)\n\n - CVE-2017-12418: ImageMagick had memory leaks in the\n parse8BIMW and format8BIM functions in coders/meta.c,\n related to the WriteImage function in\n MagickCore/constitute.c. (bsc#1052207)\n\n - CVE-2017-12432: In ImageMagick, a memory exhaustion\n vulnerability was found in the function ReadPCXImage in\n coders/pcx.c, which allowed attackers to cause a denial\n of service. (bsc#1052254)\n\n - CVE-2017-12654: The ReadPICTImage function in\n coders/pict.c in ImageMagick allowed attackers to cause\n a denial of service (memory leak) via a crafted file.\n (bsc#1052761)\n\n - CVE-2017-12664: ImageMagick had a memory leak\n vulnerability in WritePALMImage in coders/palm.c.\n (bsc#1052750)\n\n - CVE-2017-12665: ImageMagick had a memory leak\n vulnerability in WritePICTImage in coders/pict.c.\n (bsc#1052747)\n\n - CVE-2017-12668: ImageMagick had a memory leak\n vulnerability in WritePCXImage in coders/pcx.c.\n (bsc#1052688)\n\n - CVE-2017-13058: In ImageMagick, a memory leak\n vulnerability was found in the function WritePCXImage in\n coders/pcx.c, which allowed attackers to cause a denial\n of service via a crafted file. (bsc#1055069)\n\n - CVE-2017-14224: A heap-based buffer overflow in\n WritePCXImage in coders/pcx.c could lead to denial of\n service or code execution. (bsc#1058009)\n\n - CVE-2017-17885: In ImageMagick, a memory leak\n vulnerability was found in the function ReadPICTImage in\n coders/pict.c, which allowed attackers to cause a denial\n of service via a crafted PICT image file. (bsc#1074119)\n\n - CVE-2017-18028: A memory exhaustion in the function\n ReadTIFFImage in coders/tiff.c was fixed. (bsc#1076182)\n\n - CVE-2018-6405: In the ReadDCMImage function in\n coders/dcm.c in ImageMagick, each redmap, greenmap, and\n bluemap variable can be overwritten by a new pointer.\n The previous pointer is lost, which leads to a memory\n leak. This allowed remote attackers to cause a denial of\n service. (bsc#1078433)\n\n - CVE-2017-12427: ProcessMSLScript coders/msl.c allowed\n remote attackers to cause a DoS (bsc#1052248)\n\n - CVE-2017-12566: A memory leak in ReadMVGImage in\n coders/mvg.c, could have allowed attackers to cause DoS\n (bsc#1052472)\n\n - CVE-2017-11638, CVE-2017-11642: A NULL pointer\n dereference in theWriteMAPImage() in coders/map.c was\n fixed which could lead to a crash (bsc#1050617)\n\n - CVE-2017-13131: A memory leak vulnerability was found in\n thefunction ReadMIFFImage in coders/miff.c, which\n allowed attackers tocause a denial of service (memory\n consumption in NewL (bsc#1055229)\n\n - CVE-2017-11166: In ReadXWDImage in coders\\xwd.c a\n memoryleak could have caused memory exhaustion via a\n crafted length (bsc#1048110)\n\n - CVE-2017-12674: A CPU exhaustion in ReadPDBImage in\n coders/pdb.c was fixed, which allowed attackers to cause\n DoS (bsc#1052711)\n\n - CVE-2017-12429: A memory exhaustion flaw in\n ReadMIFFImage in coders/miff.c was fixed, which allowed\n attackers to cause DoS (bsc#1052251)\n\n - CVE-2017-11637: A NULL pointer dereference in\n WritePCLImage() in coders/pcl.c was fixed which could\n lead to a crash (bsc#1050669)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1042824\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1048110\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049374\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049375\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050048\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050617\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1052207\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1052248\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1052251\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1052254\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1052472\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1052688\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1052711\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1052747\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1052750\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1052761\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1055069\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1055229\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1058009\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1074119\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1076182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1078433\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-11166/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-11448/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-11450/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-11537/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-11637/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-11638/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-11642/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12418/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12427/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12429/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12432/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12566/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12654/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12664/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12665/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12668/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12674/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13058/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13131/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-14224/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-17885/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-18028/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-9407/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-6405/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20180486-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c0a410ee\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-ImageMagick-13476=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-ImageMagick-13476=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-ImageMagick-13476=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickCore1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/02/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/02/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"libMagickCore1-32bit-6.4.3.6-7.78.34.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"libMagickCore1-32bit-6.4.3.6-7.78.34.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libMagickCore1-6.4.3.6-7.78.34.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-20T12:36:13", "description": "This update for ImageMagick fixes the following issues :\n\n - CVE-2017-9405: A memory leak in the ReadICONImage\n function was fixed that could lead to DoS via memory\n exhaustion (bsc#1042911)\n\n - CVE-2017-9407: In ImageMagick, the ReadPALMImage\n function in palm.c allowed attackers to cause a denial\n of service (memory leak) via a crafted file.\n (bsc#1042824)\n\n - CVE-2017-11166: In ReadXWDImage in coders\\xwd.c a\n memoryleak could have caused memory exhaustion via a\n crafted length (bsc#1048110)\n\n - CVE-2017-11170: ReadTGAImage in coders\\tga.c allowed for\n memory exhaustion via invalid colors data in the header\n of a TGA or VST file (bsc#1048272)\n\n - CVE-2017-11448: The ReadJPEGImage function in\n coders/jpeg.c in ImageMagick allowed remote attackers to\n obtain sensitive information from uninitialized memory\n locations via a crafted file. (bsc#1049375)\n\n - CVE-2017-11450: A remote denial of service in\n coders/jpeg.c was fixed (bsc#1049374)\n\n - CVE-2017-11528: ReadDIBImage in coders/dib.c allows\n remote attackers to cause DoS via memory exhaustion\n (bsc#1050119)\n\n - CVE-2017-11530: ReadEPTImage in coders/ept.c allows\n remote attackers to cause DoS via memory exhaustion\n (bsc#1050122)\n\n - CVE-2017-11531: When ImageMagick processed a crafted\n file in convert, it could lead to a Memory Leak in the\n WriteHISTOGRAMImage() function in coders/histogram.c.\n (bsc#1050126)\n\n - CVE-2017-11533: A information leak by 1 byte due to\n heap-based buffer over-read in the WriteUILImage() in\n coders/uil.c was fixed (bsc#1050132)\n\n - CVE-2017-11537: When ImageMagick processed a crafted\n file in convert, it can lead to a Floating Point\n Exception (FPE) in the WritePALMImage() function in\n coders/palm.c, related to an incorrect bits-per-pixel\n calculation. (bsc#1050048)\n\n - CVE-2017-11638, CVE-2017-11642: A NULL pointer\n dereference in theWriteMAPImage() in coders/map.c was\n fixed which could lead to a crash (bsc#1050617)\n\n - CVE-2017-12418: ImageMagick had memory leaks in the\n parse8BIMW and format8BIM functions in coders/meta.c,\n related to the WriteImage function in\n MagickCore/constitute.c. (bsc#1052207)\n\n - CVE-2017-12427: ProcessMSLScript coders/msl.c allowed\n remote attackers to cause a DoS (bsc#1052248)\n\n - CVE-2017-12429: A memory exhaustion flaw in\n ReadMIFFImage in coders/miff.c was fixed, which allowed\n attackers to cause DoS (bsc#1052251)\n\n - CVE-2017-12432: In ImageMagick, a memory exhaustion\n vulnerability was found in the function ReadPCXImage in\n coders/pcx.c, which allowed attackers to cause a denial\n of service. (bsc#1052254)\n\n - CVE-2017-12566: A memory leak in ReadMVGImage in\n coders/mvg.c, could have allowed attackers to cause DoS\n (bsc#1052472)\n\n - CVE-2017-12654: The ReadPICTImage function in\n coders/pict.c in ImageMagick allowed attackers to cause\n a denial of service (memory leak) via a crafted file.\n (bsc#1052761)\n\n - CVE-2017-12663: A memory leak in WriteMAPImage in\n coders/map.c was fixed that could lead to a DoS via\n memory exhaustion (bsc#1052754)\n\n - CVE-2017-12664: ImageMagick had a memory leak\n vulnerability in WritePALMImage in coders/palm.c.\n (bsc#1052750)\n\n - CVE-2017-12665: ImageMagick had a memory leak\n vulnerability in WritePICTImage in coders/pict.c.\n (bsc#1052747)\n\n - CVE-2017-12668: ImageMagick had a memory leak\n vulnerability in WritePCXImage in coders/pcx.c.\n (bsc#1052688)\n\n - CVE-2017-12674: A CPU exhaustion in ReadPDBImage in\n coders/pdb.c was fixed, which allowed attackers to cause\n DoS (bsc#1052711)\n\n - CVE-2017-13058: In ImageMagick, a memory leak\n vulnerability was found in the function WritePCXImage in\n coders/pcx.c, which allowed attackers to cause a denial\n of service via a crafted file. (bsc#1055069)\n\n - CVE-2017-13131: A memory leak vulnerability was found in\n thefunction ReadMIFFImage in coders/miff.c, which\n allowed attackers tocause a denial of service (memory\n consumption in NewL (bsc#1055229)\n\n - CVE-2017-14060: A NULL pointer Dereference issue in the\n ReadCUTImage function in coders/cut.c was fixed that\n could have caused a Denial of Service (bsc#1056768)\n\n - CVE-2017-14139: A memory leak vulnerability in\n WriteMSLImage in coders/msl.c was fixed. (bsc#1057163)\n\n - CVE-2017-14224: A heap-based buffer overflow in\n WritePCXImage in coders/pcx.c could lead to denial of\n service or code execution. (bsc#1058009)\n\n - CVE-2017-17682: A large loop vulnerability was fixed in\n ExtractPostscript in coders/wpg.c, which allowed\n attackers to cause a denial of service (CPU exhaustion)\n (bsc#1072898)\n\n - CVE-2017-17885: In ImageMagick, a memory leak\n vulnerability was found in the function ReadPICTImage in\n coders/pict.c, which allowed attackers to cause a denial\n of service via a crafted PICT image file. (bsc#1074119)\n\n - CVE-2017-17934: A memory leak in the function\n MSLPopImage and ProcessMSLScript could have lead to a\n denial of service (bsc#1074170)\n\n - CVE-2017-18028: A memory exhaustion in the function\n ReadTIFFImage in coders/tiff.c was fixed. (bsc#1076182)\n\n - CVE-2018-5357: ImageMagick had memory leaks in the\n ReadDCMImage function in coders/dcm.c. (bsc#1075821)\n\n - CVE-2018-6405: In the ReadDCMImage function in\n coders/dcm.c in ImageMagick, each redmap, greenmap, and\n bluemap variable can be overwritten by a new pointer.\n The previous pointer is lost, which leads to a memory\n leak. This allowed remote attackers to cause a denial of\n service. (bsc#1078433)\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "edition": 9, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-03-07T00:00:00", "title": "openSUSE Security Update : ImageMagick (openSUSE-2018-230)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-11448", "CVE-2017-11533", "CVE-2017-11531", "CVE-2017-12418", "CVE-2017-14060", "CVE-2017-14224", "CVE-2017-12674", "CVE-2017-11537", "CVE-2018-6405", "CVE-2018-5357", "CVE-2017-12664", "CVE-2017-11638", "CVE-2017-17682", "CVE-2017-11530", "CVE-2017-13131", "CVE-2017-13058", "CVE-2017-17885", "CVE-2017-11528", "CVE-2017-11166", "CVE-2017-12566", "CVE-2017-18028", "CVE-2017-9405", "CVE-2017-12432", "CVE-2017-9407", "CVE-2017-14139", "CVE-2017-11642", "CVE-2017-17934", "CVE-2017-11450", "CVE-2017-12668", "CVE-2017-11170", "CVE-2017-12663", "CVE-2017-12427", "CVE-2017-12654", "CVE-2017-12665", "CVE-2017-12429"], "modified": "2018-03-07T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:perl-PerlMagick-debuginfo", "p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1", "p-cpe:/a:novell:opensuse:ImageMagick-debuginfo", "p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1", "p-cpe:/a:novell:opensuse:ImageMagick-devel-32bit", "p-cpe:/a:novell:opensuse:libMagick++-6_Q16-3-32bit", "p-cpe:/a:novell:opensuse:ImageMagick-devel", "p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1-debuginfo", "p-cpe:/a:novell:opensuse:ImageMagick-extra", "p-cpe:/a:novell:opensuse:ImageMagick-debugsource", "p-cpe:/a:novell:opensuse:ImageMagick-extra-debuginfo", "p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1-debuginfo-32bit", "p-cpe:/a:novell:opensuse:ImageMagick", "p-cpe:/a:novell:opensuse:libMagick++-6_Q16-3-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1-32bit", "cpe:/o:novell:opensuse:42.3", "p-cpe:/a:novell:opensuse:libMagick++-6_Q16-3", "p-cpe:/a:novell:opensuse:libMagick++-6_Q16-3-debuginfo", "p-cpe:/a:novell:opensuse:libMagick++-devel-32bit", "p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1-debuginfo", "p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1-32bit", "p-cpe:/a:novell:opensuse:perl-PerlMagick", "p-cpe:/a:novell:opensuse:libMagick++-devel"], "id": "OPENSUSE-2018-230.NASL", "href": "https://www.tenable.com/plugins/nessus/107185", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-230.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(107185);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-11166\", \"CVE-2017-11170\", \"CVE-2017-11448\", \"CVE-2017-11450\", \"CVE-2017-11528\", \"CVE-2017-11530\", \"CVE-2017-11531\", \"CVE-2017-11533\", \"CVE-2017-11537\", \"CVE-2017-11638\", \"CVE-2017-11642\", \"CVE-2017-12418\", \"CVE-2017-12427\", \"CVE-2017-12429\", \"CVE-2017-12432\", \"CVE-2017-12566\", \"CVE-2017-12654\", \"CVE-2017-12663\", \"CVE-2017-12664\", \"CVE-2017-12665\", \"CVE-2017-12668\", \"CVE-2017-12674\", \"CVE-2017-13058\", \"CVE-2017-13131\", \"CVE-2017-14060\", \"CVE-2017-14139\", \"CVE-2017-14224\", \"CVE-2017-17682\", \"CVE-2017-17885\", \"CVE-2017-17934\", \"CVE-2017-18028\", \"CVE-2017-9405\", \"CVE-2017-9407\", \"CVE-2018-5357\", \"CVE-2018-6405\");\n\n script_name(english:\"openSUSE Security Update : ImageMagick (openSUSE-2018-230)\");\n script_summary(english:\"Check for the openSUSE-2018-230 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ImageMagick fixes the following issues :\n\n - CVE-2017-9405: A memory leak in the ReadICONImage\n function was fixed that could lead to DoS via memory\n exhaustion (bsc#1042911)\n\n - CVE-2017-9407: In ImageMagick, the ReadPALMImage\n function in palm.c allowed attackers to cause a denial\n of service (memory leak) via a crafted file.\n (bsc#1042824)\n\n - CVE-2017-11166: In ReadXWDImage in coders\\xwd.c a\n memoryleak could have caused memory exhaustion via a\n crafted length (bsc#1048110)\n\n - CVE-2017-11170: ReadTGAImage in coders\\tga.c allowed for\n memory exhaustion via invalid colors data in the header\n of a TGA or VST file (bsc#1048272)\n\n - CVE-2017-11448: The ReadJPEGImage function in\n coders/jpeg.c in ImageMagick allowed remote attackers to\n obtain sensitive information from uninitialized memory\n locations via a crafted file. (bsc#1049375)\n\n - CVE-2017-11450: A remote denial of service in\n coders/jpeg.c was fixed (bsc#1049374)\n\n - CVE-2017-11528: ReadDIBImage in coders/dib.c allows\n remote attackers to cause DoS via memory exhaustion\n (bsc#1050119)\n\n - CVE-2017-11530: ReadEPTImage in coders/ept.c allows\n remote attackers to cause DoS via memory exhaustion\n (bsc#1050122)\n\n - CVE-2017-11531: When ImageMagick processed a crafted\n file in convert, it could lead to a Memory Leak in the\n WriteHISTOGRAMImage() function in coders/histogram.c.\n (bsc#1050126)\n\n - CVE-2017-11533: A information leak by 1 byte due to\n heap-based buffer over-read in the WriteUILImage() in\n coders/uil.c was fixed (bsc#1050132)\n\n - CVE-2017-11537: When ImageMagick processed a crafted\n file in convert, it can lead to a Floating Point\n Exception (FPE) in the WritePALMImage() function in\n coders/palm.c, related to an incorrect bits-per-pixel\n calculation. (bsc#1050048)\n\n - CVE-2017-11638, CVE-2017-11642: A NULL pointer\n dereference in theWriteMAPImage() in coders/map.c was\n fixed which could lead to a crash (bsc#1050617)\n\n - CVE-2017-12418: ImageMagick had memory leaks in the\n parse8BIMW and format8BIM functions in coders/meta.c,\n related to the WriteImage function in\n MagickCore/constitute.c. (bsc#1052207)\n\n - CVE-2017-12427: ProcessMSLScript coders/msl.c allowed\n remote attackers to cause a DoS (bsc#1052248)\n\n - CVE-2017-12429: A memory exhaustion flaw in\n ReadMIFFImage in coders/miff.c was fixed, which allowed\n attackers to cause DoS (bsc#1052251)\n\n - CVE-2017-12432: In ImageMagick, a memory exhaustion\n vulnerability was found in the function ReadPCXImage in\n coders/pcx.c, which allowed attackers to cause a denial\n of service. (bsc#1052254)\n\n - CVE-2017-12566: A memory leak in ReadMVGImage in\n coders/mvg.c, could have allowed attackers to cause DoS\n (bsc#1052472)\n\n - CVE-2017-12654: The ReadPICTImage function in\n coders/pict.c in ImageMagick allowed attackers to cause\n a denial of service (memory leak) via a crafted file.\n (bsc#1052761)\n\n - CVE-2017-12663: A memory leak in WriteMAPImage in\n coders/map.c was fixed that could lead to a DoS via\n memory exhaustion (bsc#1052754)\n\n - CVE-2017-12664: ImageMagick had a memory leak\n vulnerability in WritePALMImage in coders/palm.c.\n (bsc#1052750)\n\n - CVE-2017-12665: ImageMagick had a memory leak\n vulnerability in WritePICTImage in coders/pict.c.\n (bsc#1052747)\n\n - CVE-2017-12668: ImageMagick had a memory leak\n vulnerability in WritePCXImage in coders/pcx.c.\n (bsc#1052688)\n\n - CVE-2017-12674: A CPU exhaustion in ReadPDBImage in\n coders/pdb.c was fixed, which allowed attackers to cause\n DoS (bsc#1052711)\n\n - CVE-2017-13058: In ImageMagick, a memory leak\n vulnerability was found in the function WritePCXImage in\n coders/pcx.c, which allowed attackers to cause a denial\n of service via a crafted file. (bsc#1055069)\n\n - CVE-2017-13131: A memory leak vulnerability was found in\n thefunction ReadMIFFImage in coders/miff.c, which\n allowed attackers tocause a denial of service (memory\n consumption in NewL (bsc#1055229)\n\n - CVE-2017-14060: A NULL pointer Dereference issue in the\n ReadCUTImage function in coders/cut.c was fixed that\n could have caused a Denial of Service (bsc#1056768)\n\n - CVE-2017-14139: A memory leak vulnerability in\n WriteMSLImage in coders/msl.c was fixed. (bsc#1057163)\n\n - CVE-2017-14224: A heap-based buffer overflow in\n WritePCXImage in coders/pcx.c could lead to denial of\n service or code execution. (bsc#1058009)\n\n - CVE-2017-17682: A large loop vulnerability was fixed in\n ExtractPostscript in coders/wpg.c, which allowed\n attackers to cause a denial of service (CPU exhaustion)\n (bsc#1072898)\n\n - CVE-2017-17885: In ImageMagick, a memory leak\n vulnerability was found in the function ReadPICTImage in\n coders/pict.c, which allowed attackers to cause a denial\n of service via a crafted PICT image file. (bsc#1074119)\n\n - CVE-2017-17934: A memory leak in the function\n MSLPopImage and ProcessMSLScript could have lead to a\n denial of service (bsc#1074170)\n\n - CVE-2017-18028: A memory exhaustion in the function\n ReadTIFFImage in coders/tiff.c was fixed. (bsc#1076182)\n\n - CVE-2018-5357: ImageMagick had memory leaks in the\n ReadDCMImage function in coders/dcm.c. (bsc#1075821)\n\n - CVE-2018-6405: In the ReadDCMImage function in\n coders/dcm.c in ImageMagick, each redmap, greenmap, and\n bluemap variable can be overwritten by a new pointer.\n The previous pointer is lost, which leads to a memory\n leak. This allowed remote attackers to cause a denial of\n service. (bsc#1078433)\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1042824\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1042911\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1048110\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1048272\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049374\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049375\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1050048\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1050119\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1050122\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1050126\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1050132\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1050617\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052207\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052248\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052251\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052254\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052472\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052688\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052711\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052747\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052750\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052754\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052761\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1055069\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1055229\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1056768\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1057163\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1058009\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1072898\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1074119\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1074170\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1075821\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1076182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1078433\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ImageMagick packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-6_Q16-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-6_Q16-3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-6_Q16-3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-6_Q16-3-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-PerlMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-PerlMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/03/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"ImageMagick-6.8.8.1-55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"ImageMagick-debuginfo-6.8.8.1-55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"ImageMagick-debugsource-6.8.8.1-55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"ImageMagick-devel-6.8.8.1-55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"ImageMagick-extra-6.8.8.1-55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"ImageMagick-extra-debuginfo-6.8.8.1-55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libMagick++-6_Q16-3-6.8.8.1-55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libMagick++-6_Q16-3-debuginfo-6.8.8.1-55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libMagick++-devel-6.8.8.1-55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libMagickCore-6_Q16-1-6.8.8.1-55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libMagickCore-6_Q16-1-debuginfo-6.8.8.1-55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libMagickWand-6_Q16-1-6.8.8.1-55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libMagickWand-6_Q16-1-debuginfo-6.8.8.1-55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"perl-PerlMagick-6.8.8.1-55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"perl-PerlMagick-debuginfo-6.8.8.1-55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"ImageMagick-devel-32bit-6.8.8.1-55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-3-32bit-6.8.8.1-55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-3-debuginfo-32bit-6.8.8.1-55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libMagick++-devel-32bit-6.8.8.1-55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-32bit-6.8.8.1-55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-32bit-6.8.8.1-55.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-debuginfo-32bit-6.8.8.1-55.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick / ImageMagick-debuginfo / ImageMagick-debugsource / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-01T06:09:44", "description": "This update for ImageMagick fixes the following issues :\n\n - CVE-2017-9405: A memory leak in the ReadICONImage\n function was fixed that could lead to DoS via memory\n exhaustion (bsc#1042911)\n\n - CVE-2017-9407: In ImageMagick, the ReadPALMImage\n function in palm.c allowed attackers to cause a denial\n of service (memory leak) via a crafted file.\n (bsc#1042824)\n\n - CVE-2017-11166: In ReadXWDImage in coders\\xwd.c a\n memoryleak could have caused memory exhaustion via a\n crafted length (bsc#1048110)\n\n - CVE-2017-11170: ReadTGAImage in coders\\tga.c allowed for\n memory exhaustion via invalid colors data in the header\n of a TGA or VST file (bsc#1048272)\n\n - CVE-2017-11448: The ReadJPEGImage function in\n coders/jpeg.c in ImageMagick allowed remote attackers to\n obtain sensitive information from uninitialized memory\n locations via a crafted file. (bsc#1049375)\n\n - CVE-2017-11450: A remote denial of service in\n coders/jpeg.c was fixed (bsc#1049374)\n\n - CVE-2017-11528: ReadDIBImage in coders/dib.c allows\n remote attackers to cause DoS via memory exhaustion\n (bsc#1050119)\n\n - CVE-2017-11530: ReadEPTImage in coders/ept.c allows\n remote attackers to cause DoS via memory exhaustion\n (bsc#1050122)\n\n - CVE-2017-11531: When ImageMagick processed a crafted\n file in convert, it could lead to a Memory Leak in the\n WriteHISTOGRAMImage() function in coders/histogram.c.\n (bsc#1050126)\n\n - CVE-2017-11533: A information leak by 1 byte due to\n heap-based buffer over-read in the WriteUILImage() in\n coders/uil.c was fixed (bsc#1050132)\n\n - CVE-2017-11537: When ImageMagick processed a crafted\n file in convert, it can lead to a Floating Point\n Exception (FPE) in the WritePALMImage() function in\n coders/palm.c, related to an incorrect bits-per-pixel\n calculation. (bsc#1050048)\n\n - CVE-2017-11638, CVE-2017-11642: A NULL pointer\n dereference in theWriteMAPImage() in coders/map.c was\n fixed which could lead to a crash (bsc#1050617)\n\n - CVE-2017-12418: ImageMagick had memory leaks in the\n parse8BIMW and format8BIM functions in coders/meta.c,\n related to the WriteImage function in\n MagickCore/constitute.c. (bsc#1052207)\n\n - CVE-2017-12427: ProcessMSLScript coders/msl.c allowed\n remote attackers to cause a DoS (bsc#1052248)\n\n - CVE-2017-12429: A memory exhaustion flaw in\n ReadMIFFImage in coders/miff.c was fixed, which allowed\n attackers to cause DoS (bsc#1052251)\n\n - CVE-2017-12432: In ImageMagick, a memory exhaustion\n vulnerability was found in the function ReadPCXImage in\n coders/pcx.c, which allowed attackers to cause a denial\n of service. (bsc#1052254)\n\n - CVE-2017-12566: A memory leak in ReadMVGImage in\n coders/mvg.c, could have allowed attackers to cause DoS\n (bsc#1052472)\n\n - CVE-2017-12654: The ReadPICTImage function in\n coders/pict.c in ImageMagick allowed attackers to cause\n a denial of service (memory leak) via a crafted file.\n (bsc#1052761)\n\n - CVE-2017-12663: A memory leak in WriteMAPImage in\n coders/map.c was fixed that could lead to a DoS via\n memory exhaustion (bsc#1052754)\n\n - CVE-2017-12664: ImageMagick had a memory leak\n vulnerability in WritePALMImage in coders/palm.c.\n (bsc#1052750)\n\n - CVE-2017-12665: ImageMagick had a memory leak\n vulnerability in WritePICTImage in coders/pict.c.\n (bsc#1052747)\n\n - CVE-2017-12668: ImageMagick had a memory leak\n vulnerability in WritePCXImage in coders/pcx.c.\n (bsc#1052688)\n\n - CVE-2017-12674: A CPU exhaustion in ReadPDBImage in\n coders/pdb.c was fixed, which allowed attackers to cause\n DoS (bsc#1052711)\n\n - CVE-2017-13058: In ImageMagick, a memory leak\n vulnerability was found in the function WritePCXImage in\n coders/pcx.c, which allowed attackers to cause a denial\n of service via a crafted file. (bsc#1055069)\n\n - CVE-2017-13131: A memory leak vulnerability was found in\n thefunction ReadMIFFImage in coders/miff.c, which\n allowed attackers tocause a denial of service (memory\n consumption in NewL (bsc#1055229)\n\n - CVE-2017-14060: A NULL pointer Dereference issue in the\n ReadCUTImage function in coders/cut.c was fixed that\n could have caused a Denial of Service (bsc#1056768)\n\n - CVE-2017-14139: A memory leak vulnerability in\n WriteMSLImage in coders/msl.c was fixed. (bsc#1057163)\n\n - CVE-2017-14224: A heap-based buffer overflow in\n WritePCXImage in coders/pcx.c could lead to denial of\n service or code execution. (bsc#1058009)\n\n - CVE-2017-17682: A large loop vulnerability was fixed in\n ExtractPostscript in coders/wpg.c, which allowed\n attackers to cause a denial of service (CPU exhaustion)\n (bsc#1072898)\n\n - CVE-2017-17885: In ImageMagick, a memory leak\n vulnerability was found in the function ReadPICTImage in\n coders/pict.c, which allowed attackers to cause a denial\n of service via a crafted PICT image file. (bsc#1074119)\n\n - CVE-2017-17934: A memory leak in the function\n MSLPopImage and ProcessMSLScript could have lead to a\n denial of service (bsc#1074170)\n\n - CVE-2017-18028: A memory exhaustion in the function\n ReadTIFFImage in coders/tiff.c was fixed. (bsc#1076182)\n\n - CVE-2018-5357: ImageMagick had memory leaks in the\n ReadDCMImage function in coders/dcm.c. (bsc#1075821)\n\n - CVE-2018-6405: In the ReadDCMImage function in\n coders/dcm.c in ImageMagick, each redmap, greenmap, and\n bluemap variable can be overwritten by a new pointer.\n The previous pointer is lost, which leads to a memory\n leak. This allowed remote attackers to cause a denial of\n service. (bsc#1078433)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-03-02T00:00:00", "title": "SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2018:0581-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-11448", "CVE-2017-11533", "CVE-2017-11531", "CVE-2017-12418", "CVE-2017-14060", "CVE-2017-14224", "CVE-2017-12674", "CVE-2017-11537", "CVE-2018-6405", "CVE-2018-5357", "CVE-2017-12664", "CVE-2017-11638", "CVE-2017-17682", "CVE-2017-11530", "CVE-2017-13131", "CVE-2017-13058", "CVE-2017-17885", "CVE-2017-11528", "CVE-2017-11166", "CVE-2017-12566", "CVE-2017-18028", "CVE-2017-9405", "CVE-2017-12432", "CVE-2017-9407", "CVE-2017-14139", "CVE-2017-11642", "CVE-2017-17934", "CVE-2017-11450", "CVE-2017-12668", "CVE-2017-11170", "CVE-2017-12663", "CVE-2017-12427", "CVE-2017-12654", "CVE-2017-12665", "CVE-2017-12429"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:ImageMagick-debugsource", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:ImageMagick", "p-cpe:/a:novell:suse_linux:libMagick++-6_Q16", "p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16", "p-cpe:/a:novell:suse_linux:ImageMagick-debuginfo", "p-cpe:/a:novell:suse_linux:libMagickWand-6_Q16-1-debuginfo", "p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16-1", "p-cpe:/a:novell:suse_linux:libMagickWand-6_Q16", "p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16-1-debuginfo", "p-cpe:/a:novell:suse_linux:libMagick++-6_Q16-3-debuginfo"], "id": "SUSE_SU-2018-0581-1.NASL", "href": "https://www.tenable.com/plugins/nessus/107116", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:0581-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(107116);\n script_version(\"3.4\");\n script_cvs_date(\"Date: 2019/09/10 13:51:47\");\n\n script_cve_id(\"CVE-2017-11166\", \"CVE-2017-11170\", \"CVE-2017-11448\", \"CVE-2017-11450\", \"CVE-2017-11528\", \"CVE-2017-11530\", \"CVE-2017-11531\", \"CVE-2017-11533\", \"CVE-2017-11537\", \"CVE-2017-11638\", \"CVE-2017-11642\", \"CVE-2017-12418\", \"CVE-2017-12427\", \"CVE-2017-12429\", \"CVE-2017-12432\", \"CVE-2017-12566\", \"CVE-2017-12654\", \"CVE-2017-12663\", \"CVE-2017-12664\", \"CVE-2017-12665\", \"CVE-2017-12668\", \"CVE-2017-12674\", \"CVE-2017-13058\", \"CVE-2017-13131\", \"CVE-2017-14060\", \"CVE-2017-14139\", \"CVE-2017-14224\", \"CVE-2017-17682\", \"CVE-2017-17885\", \"CVE-2017-17934\", \"CVE-2017-18028\", \"CVE-2017-9405\", \"CVE-2017-9407\", \"CVE-2018-5357\", \"CVE-2018-6405\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2018:0581-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ImageMagick fixes the following issues :\n\n - CVE-2017-9405: A memory leak in the ReadICONImage\n function was fixed that could lead to DoS via memory\n exhaustion (bsc#1042911)\n\n - CVE-2017-9407: In ImageMagick, the ReadPALMImage\n function in palm.c allowed attackers to cause a denial\n of service (memory leak) via a crafted file.\n (bsc#1042824)\n\n - CVE-2017-11166: In ReadXWDImage in coders\\xwd.c a\n memoryleak could have caused memory exhaustion via a\n crafted length (bsc#1048110)\n\n - CVE-2017-11170: ReadTGAImage in coders\\tga.c allowed for\n memory exhaustion via invalid colors data in the header\n of a TGA or VST file (bsc#1048272)\n\n - CVE-2017-11448: The ReadJPEGImage function in\n coders/jpeg.c in ImageMagick allowed remote attackers to\n obtain sensitive information from uninitialized memory\n locations via a crafted file. (bsc#1049375)\n\n - CVE-2017-11450: A remote denial of service in\n coders/jpeg.c was fixed (bsc#1049374)\n\n - CVE-2017-11528: ReadDIBImage in coders/dib.c allows\n remote attackers to cause DoS via memory exhaustion\n (bsc#1050119)\n\n - CVE-2017-11530: ReadEPTImage in coders/ept.c allows\n remote attackers to cause DoS via memory exhaustion\n (bsc#1050122)\n\n - CVE-2017-11531: When ImageMagick processed a crafted\n file in convert, it could lead to a Memory Leak in the\n WriteHISTOGRAMImage() function in coders/histogram.c.\n (bsc#1050126)\n\n - CVE-2017-11533: A information leak by 1 byte due to\n heap-based buffer over-read in the WriteUILImage() in\n coders/uil.c was fixed (bsc#1050132)\n\n - CVE-2017-11537: When ImageMagick processed a crafted\n file in convert, it can lead to a Floating Point\n Exception (FPE) in the WritePALMImage() function in\n coders/palm.c, related to an incorrect bits-per-pixel\n calculation. (bsc#1050048)\n\n - CVE-2017-11638, CVE-2017-11642: A NULL pointer\n dereference in theWriteMAPImage() in coders/map.c was\n fixed which could lead to a crash (bsc#1050617)\n\n - CVE-2017-12418: ImageMagick had memory leaks in the\n parse8BIMW and format8BIM functions in coders/meta.c,\n related to the WriteImage function in\n MagickCore/constitute.c. (bsc#1052207)\n\n - CVE-2017-12427: ProcessMSLScript coders/msl.c allowed\n remote attackers to cause a DoS (bsc#1052248)\n\n - CVE-2017-12429: A memory exhaustion flaw in\n ReadMIFFImage in coders/miff.c was fixed, which allowed\n attackers to cause DoS (bsc#1052251)\n\n - CVE-2017-12432: In ImageMagick, a memory exhaustion\n vulnerability was found in the function ReadPCXImage in\n coders/pcx.c, which allowed attackers to cause a denial\n of service. (bsc#1052254)\n\n - CVE-2017-12566: A memory leak in ReadMVGImage in\n coders/mvg.c, could have allowed attackers to cause DoS\n (bsc#1052472)\n\n - CVE-2017-12654: The ReadPICTImage function in\n coders/pict.c in ImageMagick allowed attackers to cause\n a denial of service (memory leak) via a crafted file.\n (bsc#1052761)\n\n - CVE-2017-12663: A memory leak in WriteMAPImage in\n coders/map.c was fixed that could lead to a DoS via\n memory exhaustion (bsc#1052754)\n\n - CVE-2017-12664: ImageMagick had a memory leak\n vulnerability in WritePALMImage in coders/palm.c.\n (bsc#1052750)\n\n - CVE-2017-12665: ImageMagick had a memory leak\n vulnerability in WritePICTImage in coders/pict.c.\n (bsc#1052747)\n\n - CVE-2017-12668: ImageMagick had a memory leak\n vulnerability in WritePCXImage in coders/pcx.c.\n (bsc#1052688)\n\n - CVE-2017-12674: A CPU exhaustion in ReadPDBImage in\n coders/pdb.c was fixed, which allowed attackers to cause\n DoS (bsc#1052711)\n\n - CVE-2017-13058: In ImageMagick, a memory leak\n vulnerability was found in the function WritePCXImage in\n coders/pcx.c, which allowed attackers to cause a denial\n of service via a crafted file. (bsc#1055069)\n\n - CVE-2017-13131: A memory leak vulnerability was found in\n thefunction ReadMIFFImage in coders/miff.c, which\n allowed attackers tocause a denial of service (memory\n consumption in NewL (bsc#1055229)\n\n - CVE-2017-14060: A NULL pointer Dereference issue in the\n ReadCUTImage function in coders/cut.c was fixed that\n could have caused a Denial of Service (bsc#1056768)\n\n - CVE-2017-14139: A memory leak vulnerability in\n WriteMSLImage in coders/msl.c was fixed. (bsc#1057163)\n\n - CVE-2017-14224: A heap-based buffer overflow in\n WritePCXImage in coders/pcx.c could lead to denial of\n service or code execution. (bsc#1058009)\n\n - CVE-2017-17682: A large loop vulnerability was fixed in\n ExtractPostscript in coders/wpg.c, which allowed\n attackers to cause a denial of service (CPU exhaustion)\n (bsc#1072898)\n\n - CVE-2017-17885: In ImageMagick, a memory leak\n vulnerability was found in the function ReadPICTImage in\n coders/pict.c, which allowed attackers to cause a denial\n of service via a crafted PICT image file. (bsc#1074119)\n\n - CVE-2017-17934: A memory leak in the function\n MSLPopImage and ProcessMSLScript could have lead to a\n denial of service (bsc#1074170)\n\n - CVE-2017-18028: A memory exhaustion in the function\n ReadTIFFImage in coders/tiff.c was fixed. (bsc#1076182)\n\n - CVE-2018-5357: ImageMagick had memory leaks in the\n ReadDCMImage function in coders/dcm.c. (bsc#1075821)\n\n - CVE-2018-6405: In the ReadDCMImage function in\n coders/dcm.c in ImageMagick, each redmap, greenmap, and\n bluemap variable can be overwritten by a new pointer.\n The previous pointer is lost, which leads to a memory\n leak. This allowed remote attackers to cause a denial of\n service. (bsc#1078433)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1042824\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1042911\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1048110\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1048272\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049374\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049375\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050048\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050119\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050122\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050126\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050132\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050617\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1052207\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1052248\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1052251\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1052254\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1052472\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1052688\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1052711\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1052747\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1052750\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1052754\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1052761\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1055069\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1055229\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1056768\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1057163\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1058009\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1072898\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1074119\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1074170\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1075821\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1076182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1078433\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-11166/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-11170/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-11448/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-11450/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-11528/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-11530/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-11531/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-11533/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-11537/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-11638/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-11642/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12418/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12427/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12429/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12432/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12566/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12654/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12663/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12664/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12665/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12668/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12674/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13058/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13131/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-14060/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-14139/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-14224/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-17682/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-17885/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-17934/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-18028/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-9405/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-9407/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-5357/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-6405/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20180581-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f1802ee9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP3:zypper in -t patch\nSUSE-SLE-WE-12-SP3-2018-391=1\n\nSUSE Linux Enterprise Workstation Extension 12-SP2:zypper in -t patch\nSUSE-SLE-WE-12-SP2-2018-391=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-391=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t\npatch SUSE-SLE-SDK-12-SP2-2018-391=1\n\nSUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t\npatch SUSE-SLE-RPI-12-SP2-2018-391=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-391=1\n\nSUSE Linux Enterprise Server 12-SP2:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2018-391=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-391=1\n\nSUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP2-2018-391=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ImageMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ImageMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ImageMagick-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagick++-6_Q16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagick++-6_Q16-3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16-1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickWand-6_Q16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickWand-6_Q16-1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/03/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP2/3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"ImageMagick-debuginfo-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"ImageMagick-debugsource-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libMagickCore-6_Q16-1-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libMagickCore-6_Q16-1-debuginfo-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libMagickWand-6_Q16-1-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libMagickWand-6_Q16-1-debuginfo-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"ImageMagick-debuginfo-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"ImageMagick-debugsource-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libMagickCore-6_Q16-1-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libMagickCore-6_Q16-1-debuginfo-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libMagickWand-6_Q16-1-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libMagickWand-6_Q16-1-debuginfo-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"ImageMagick-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"ImageMagick-debuginfo-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"ImageMagick-debugsource-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-3-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-3-debuginfo-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-32bit-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-debuginfo-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-debuginfo-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"ImageMagick-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"ImageMagick-debuginfo-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"ImageMagick-debugsource-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-3-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-3-debuginfo-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-32bit-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-debuginfo-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-6.8.8.1-71.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-debuginfo-6.8.8.1-71.42.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-12T11:06:53", "description": "The remote host is affected by the vulnerability described in GLSA-201711-07\n(ImageMagick: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in ImageMagick. Please\n review the referenced CVE identifiers for details.\n \nImpact :\n\n Remote attackers, by enticing a user to process a specially crafted\n file, could obtain sensitive information, cause a Denial of Service\n condition, or have other unspecified impacts.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 23, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-11-13T00:00:00", "title": "GLSA-201711-07 : ImageMagick: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-13142", "CVE-2017-14175", "CVE-2017-12418", "CVE-2017-14060", "CVE-2017-14224", "CVE-2017-13146", "CVE-2017-13060", "CVE-2017-14138", "CVE-2017-13144", "CVE-2017-13758", "CVE-2017-13143", "CVE-2017-12691", "CVE-2017-12983", "CVE-2017-13139", "CVE-2017-13132", "CVE-2017-14137", "CVE-2017-14172", "CVE-2017-11724", "CVE-2017-12877", "CVE-2017-13768", "CVE-2017-12692", "CVE-2017-13131", "CVE-2017-14173", "CVE-2017-13133", "CVE-2017-13058", "CVE-2017-13141", "CVE-2017-13062", "CVE-2017-13061", "CVE-2017-12876", "CVE-2017-12693", "CVE-2017-12140", "CVE-2017-13059", "CVE-2017-15281", "CVE-2017-14139", "CVE-2017-13134", "CVE-2017-13769", "CVE-2017-14248", "CVE-2017-13140", "CVE-2017-11640", "CVE-2017-12427", "CVE-2017-14249", "CVE-2017-14174", "CVE-2017-13145"], "modified": "2017-11-13T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:imagemagick"], "id": "GENTOO_GLSA-201711-07.NASL", "href": "https://www.tenable.com/plugins/nessus/104515", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201711-07.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(104515);\n script_version(\"3.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-11640\", \"CVE-2017-11724\", \"CVE-2017-12140\", \"CVE-2017-12418\", \"CVE-2017-12427\", \"CVE-2017-12691\", \"CVE-2017-12692\", \"CVE-2017-12693\", \"CVE-2017-12876\", \"CVE-2017-12877\", \"CVE-2017-12983\", \"CVE-2017-13058\", \"CVE-2017-13059\", \"CVE-2017-13060\", \"CVE-2017-13061\", \"CVE-2017-13062\", \"CVE-2017-13131\", \"CVE-2017-13132\", \"CVE-2017-13133\", \"CVE-2017-13134\", \"CVE-2017-13139\", \"CVE-2017-13140\", \"CVE-2017-13141\", \"CVE-2017-13142\", \"CVE-2017-13143\", \"CVE-2017-13144\", \"CVE-2017-13145\", \"CVE-2017-13146\", \"CVE-2017-13758\", \"CVE-2017-13768\", \"CVE-2017-13769\", \"CVE-2017-14060\", \"CVE-2017-14137\", \"CVE-2017-14138\", \"CVE-2017-14139\", \"CVE-2017-14172\", \"CVE-2017-14173\", \"CVE-2017-14174\", \"CVE-2017-14175\", \"CVE-2017-14224\", \"CVE-2017-14248\", \"CVE-2017-14249\", \"CVE-2017-15281\");\n script_xref(name:\"GLSA\", value:\"201711-07\");\n\n script_name(english:\"GLSA-201711-07 : ImageMagick: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201711-07\n(ImageMagick: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in ImageMagick. Please\n review the referenced CVE identifiers for details.\n \nImpact :\n\n Remote attackers, by enticing a user to process a specially crafted\n file, could obtain sensitive information, cause a Denial of Service\n condition, or have other unspecified impacts.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201711-07\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All ImageMagick users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-gfx/imagemagick-6.9.9.20'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:imagemagick\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"media-gfx/imagemagick\", unaffected:make_list(\"ge 6.9.9.20\"), vulnerable:make_list(\"lt 6.9.9.20\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-09-18T10:55:36", "description": "It was discovered that ImageMagick incorrectly handled certain\nmalformed image files. If a user or automated system using ImageMagick\nwere tricked into opening a specially crafted image, an attacker could\nexploit this to cause a denial of service or possibly execute code\nwith the privileges of the user invoking the program.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 19, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-06-13T00:00:00", "title": "Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : ImageMagick vulnerabilities (USN-3681-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-13142", "CVE-2017-17680", "CVE-2017-17884", "CVE-2017-11533", "CVE-2017-14343", "CVE-2017-14531", "CVE-2017-15277", "CVE-2017-14175", "CVE-2017-12418", "CVE-2017-14060", "CVE-2017-11639", "CVE-2017-14224", "CVE-2017-14684", "CVE-2018-11251", "CVE-2017-13060", "CVE-2017-17887", "CVE-2017-12674", "CVE-2017-13144", "CVE-2017-17882", "CVE-2017-14325", "CVE-2017-1000445", "CVE-2018-11655", "CVE-2017-12640", "CVE-2017-13758", "CVE-2017-1000476", "CVE-2017-13143", "CVE-2017-14626", "CVE-2017-14624", "CVE-2017-12587", "CVE-2017-11537", "CVE-2018-7443", "CVE-2017-18252", "CVE-2017-12691", "CVE-2017-12983", "CVE-2017-15015", "CVE-2018-9133", "CVE-2018-6405", "CVE-2017-12643", "CVE-2017-15032", "CVE-2017-12433", "CVE-2017-13139", "CVE-2017-12430", "CVE-2017-14532", "CVE-2018-5357", "CVE-2017-14533", "CVE-2017-18251", "CVE-2017-15033", "CVE-2017-14172", "CVE-2018-10177", "CVE-2018-5248", "CVE-2017-15218", "CVE-2017-12877", "CVE-2017-15017", "CVE-2018-11625", "CVE-2017-16546", "CVE-2017-17879", "CVE-2017-17682", "CVE-2017-18022", "CVE-2017-13768", "CVE-2017-14989", "CVE-2017-17681", "CVE-2018-10804", "CVE-2017-14326", "CVE-2017-12692", "CVE-2017-14625", "CVE-2017-17504", "CVE-2017-13131", "CVE-2018-5246", "CVE-2017-14173", "CVE-2017-13058", "CVE-2017-12644", "CVE-2017-18008", "CVE-2017-14607", "CVE-2017-17885", "CVE-2017-15217", "CVE-2017-13062", "CVE-2017-13061", "CVE-2017-14505", "CVE-2017-18029", "CVE-2017-14400", "CVE-2017-18271", "CVE-2018-10805", "CVE-2017-11352", "CVE-2017-14341", "CVE-2017-18028", "CVE-2017-12693", "CVE-2018-5247", "CVE-2017-12140", "CVE-2017-13059", "CVE-2017-12563", "CVE-2017-15281", "CVE-2018-11656", "CVE-2017-18273", "CVE-2017-10995", "CVE-2018-8804", "CVE-2017-12432", "CVE-2017-14682", "CVE-2017-13134", "CVE-2017-18027", "CVE-2017-13769", "CVE-2017-17934", "CVE-2017-18254", "CVE-2017-18209", "CVE-2017-17914", "CVE-2018-5358", "CVE-2017-12431", "CVE-2017-12670", "CVE-2017-17499", "CVE-2017-12875", "CVE-2018-8960", "CVE-2017-14741", "CVE-2017-15016", "CVE-2017-17881", "CVE-2017-18211", "CVE-2017-12435", "CVE-2017-14739", "CVE-2017-11640", "CVE-2017-14249", "CVE-2017-11535", "CVE-2017-14174", "CVE-2017-12429", "CVE-2017-14342", "CVE-2017-17886", "CVE-2017-13145"], "modified": "2018-06-13T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:imagemagick", "cpe:/o:canonical:ubuntu_linux:17.10", "p-cpe:/a:canonical:ubuntu_linux:libmagick++5", "p-cpe:/a:canonical:ubuntu_linux:libmagickcore5-extra", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:imagemagick-6.q16", "p-cpe:/a:canonical:ubuntu_linux:libmagick++-6.q16-5v5", "p-cpe:/a:canonical:ubuntu_linux:libmagickcore5", "p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-3-extra", "p-cpe:/a:canonical:ubuntu_linux:libmagick++-6.q16-7", "p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-3", "p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-2", "p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-2-extra", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-3681-1.NASL", "href": "https://www.tenable.com/plugins/nessus/110516", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3681-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110516);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/17\");\n\n script_cve_id(\"CVE-2017-1000445\", \"CVE-2017-1000476\", \"CVE-2017-10995\", \"CVE-2017-11352\", \"CVE-2017-11533\", \"CVE-2017-11535\", \"CVE-2017-11537\", \"CVE-2017-11639\", \"CVE-2017-11640\", \"CVE-2017-12140\", \"CVE-2017-12418\", \"CVE-2017-12429\", \"CVE-2017-12430\", \"CVE-2017-12431\", \"CVE-2017-12432\", \"CVE-2017-12433\", \"CVE-2017-12435\", \"CVE-2017-12563\", \"CVE-2017-12587\", \"CVE-2017-12640\", \"CVE-2017-12643\", \"CVE-2017-12644\", \"CVE-2017-12670\", \"CVE-2017-12674\", \"CVE-2017-12691\", \"CVE-2017-12692\", \"CVE-2017-12693\", \"CVE-2017-12875\", \"CVE-2017-12877\", \"CVE-2017-12983\", \"CVE-2017-13058\", \"CVE-2017-13059\", \"CVE-2017-13060\", \"CVE-2017-13061\", \"CVE-2017-13062\", \"CVE-2017-13131\", \"CVE-2017-13134\", \"CVE-2017-13139\", \"CVE-2017-13142\", \"CVE-2017-13143\", \"CVE-2017-13144\", \"CVE-2017-13145\", \"CVE-2017-13758\", \"CVE-2017-13768\", \"CVE-2017-13769\", \"CVE-2017-14060\", \"CVE-2017-14172\", \"CVE-2017-14173\", \"CVE-2017-14174\", \"CVE-2017-14175\", \"CVE-2017-14224\", \"CVE-2017-14249\", \"CVE-2017-14325\", \"CVE-2017-14326\", \"CVE-2017-14341\", \"CVE-2017-14342\", \"CVE-2017-14343\", \"CVE-2017-14400\", \"CVE-2017-14505\", \"CVE-2017-14531\", \"CVE-2017-14532\", \"CVE-2017-14533\", \"CVE-2017-14607\", \"CVE-2017-14624\", \"CVE-2017-14625\", \"CVE-2017-14626\", \"CVE-2017-14682\", \"CVE-2017-14684\", \"CVE-2017-14739\", \"CVE-2017-14741\", \"CVE-2017-14989\", \"CVE-2017-15015\", \"CVE-2017-15016\", \"CVE-2017-15017\", \"CVE-2017-15032\", \"CVE-2017-15033\", \"CVE-2017-15217\", \"CVE-2017-15218\", \"CVE-2017-15277\", \"CVE-2017-15281\", \"CVE-2017-16546\", \"CVE-2017-17499\", \"CVE-2017-17504\", \"CVE-2017-17680\", \"CVE-2017-17681\", \"CVE-2017-17682\", \"CVE-2017-17879\", \"CVE-2017-17881\", \"CVE-2017-17882\", \"CVE-2017-17884\", \"CVE-2017-17885\", \"CVE-2017-17886\", \"CVE-2017-17887\", \"CVE-2017-17914\", \"CVE-2017-17934\", \"CVE-2017-18008\", \"CVE-2017-18022\", \"CVE-2017-18027\", \"CVE-2017-18028\", \"CVE-2017-18029\", \"CVE-2017-18209\", \"CVE-2017-18211\", \"CVE-2017-18251\", \"CVE-2017-18252\", \"CVE-2017-18254\", \"CVE-2017-18271\", \"CVE-2017-18273\", \"CVE-2018-10177\", \"CVE-2018-10804\", \"CVE-2018-10805\", \"CVE-2018-11251\", \"CVE-2018-11625\", \"CVE-2018-11655\", \"CVE-2018-11656\", \"CVE-2018-5246\", \"CVE-2018-5247\", \"CVE-2018-5248\", \"CVE-2018-5357\", \"CVE-2018-5358\", \"CVE-2018-6405\", \"CVE-2018-7443\", \"CVE-2018-8804\", \"CVE-2018-8960\", \"CVE-2018-9133\");\n script_xref(name:\"USN\", value:\"3681-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : ImageMagick vulnerabilities (USN-3681-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that ImageMagick incorrectly handled certain\nmalformed image files. If a user or automated system using ImageMagick\nwere tricked into opening a specially crafted image, an attacker could\nexploit this to cause a denial of service or possibly execute code\nwith the privileges of the user invoking the program.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3681-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:imagemagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:imagemagick-6.q16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagick++-6.q16-5v5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagick++-6.q16-7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagick++5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-2-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-3-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagickcore5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagickcore5-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:17.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/07/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2018-2020 Canonical, Inc. / NASL script (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04|16\\.04|17\\.10|18\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 16.04 / 17.10 / 18.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"imagemagick\", pkgver:\"8:6.7.7.10-6ubuntu3.11\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libmagick++5\", pkgver:\"8:6.7.7.10-6ubuntu3.11\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libmagickcore5\", pkgver:\"8:6.7.7.10-6ubuntu3.11\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libmagickcore5-extra\", pkgver:\"8:6.7.7.10-6ubuntu3.11\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"imagemagick\", pkgver:\"8:6.8.9.9-7ubuntu5.11\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"imagemagick-6.q16\", pkgver:\"8:6.8.9.9-7ubuntu5.11\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libmagick++-6.q16-5v5\", pkgver:\"8:6.8.9.9-7ubuntu5.11\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libmagickcore-6.q16-2\", pkgver:\"8:6.8.9.9-7ubuntu5.11\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libmagickcore-6.q16-2-extra\", pkgver:\"8:6.8.9.9-7ubuntu5.11\")) flag++;\nif (ubuntu_check(osver:\"17.10\", pkgname:\"imagemagick\", pkgver:\"8:6.9.7.4+dfsg-16ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"17.10\", pkgname:\"imagemagick-6.q16\", pkgver:\"8:6.9.7.4+dfsg-16ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"17.10\", pkgname:\"libmagick++-6.q16-7\", pkgver:\"8:6.9.7.4+dfsg-16ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"17.10\", pkgname:\"libmagickcore-6.q16-3\", pkgver:\"8:6.9.7.4+dfsg-16ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"17.10\", pkgname:\"libmagickcore-6.q16-3-extra\", pkgver:\"8:6.9.7.4+dfsg-16ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"imagemagick\", pkgver:\"8:6.9.7.4+dfsg-16ubuntu6.2\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"imagemagick-6.q16\", pkgver:\"8:6.9.7.4+dfsg-16ubuntu6.2\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libmagick++-6.q16-7\", pkgver:\"8:6.9.7.4+dfsg-16ubuntu6.2\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libmagickcore-6.q16-3\", pkgver:\"8:6.9.7.4+dfsg-16ubuntu6.2\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libmagickcore-6.q16-3-extra\", pkgver:\"8:6.9.7.4+dfsg-16ubuntu6.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"imagemagick / imagemagick-6.q16 / libmagick++-6.q16-5v5 / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "suse": [{"lastseen": "2018-10-18T20:30:45", "bulletinFamily": "unix", "cvelist": ["CVE-2018-18024", "CVE-2018-12600", "CVE-2018-17965", "CVE-2018-12599", "CVE-2018-18016", "CVE-2017-13058", "CVE-2018-17966"], "description": "This update for ImageMagick fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-18024: Fixed an infinite loop in the ReadBMPImage function of\n the coders/bmp.c file. Remote attackers could leverage this\n vulnerability to cause a denial of service via a crafted bmp file.\n (bsc#1111069)\n - CVE-2018-18016: Fixed a memory leak in WritePCXImage (bsc#1111072).\n - CVE-2018-17965: Fixed a memory leak in WriteSGIImage (bsc#1110747).\n - CVE-2018-17966: Fixed a memory leak in WritePDBImage (bsc#1110746).\n - CVE-2018-12600: ReadDIBImage and WriteDIBImage allowed attackers to\n cause an out of bounds write via a crafted file. (bsc#1098545)\n - CVE-2018-12599: ReadBMPImage and WriteBMPImage allowed attackers to\n cause an out of bounds write via a crafted file. (bsc#1098546)\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n", "edition": 1, "modified": "2018-10-18T19:26:33", "published": "2018-10-18T19:26:33", "id": "OPENSUSE-SU-2018:3225-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00040.html", "title": "Security update for ImageMagick (moderate)", "type": "suse", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2017-11-11T18:33:44", "bulletinFamily": "unix", "cvelist": ["CVE-2017-13142", "CVE-2017-14175", "CVE-2017-12418", "CVE-2017-14060", "CVE-2017-14224", "CVE-2017-13146", "CVE-2017-13060", "CVE-2017-14138", "CVE-2017-13144", "CVE-2017-13758", "CVE-2017-13143", "CVE-2017-12691", "CVE-2017-12983", "CVE-2017-13139", "CVE-2017-13132", "CVE-2017-14137", "CVE-2017-14172", "CVE-2017-11724", "CVE-2017-12877", "CVE-2017-13768", "CVE-2017-12692", "CVE-2017-13131", "CVE-2017-14173", "CVE-2017-13133", "CVE-2017-13058", "CVE-2017-13141", "CVE-2017-13062", "CVE-2017-13061", "CVE-2017-12876", "CVE-2017-12693", "CVE-2017-12140", "CVE-2017-13059", "CVE-2017-15281", "CVE-2017-14139", "CVE-2017-13134", "CVE-2017-13769", "CVE-2017-14248", "CVE-2017-13140", "CVE-2017-11640", "CVE-2017-12427", "CVE-2017-14249", "CVE-2017-14174", "CVE-2017-13145"], "description": "### Background\n\nA collection of tools and libraries for many image formats.\n\n### Description\n\nMultiple vulnerabilities have been discovered in ImageMagick. Please review the referenced CVE identifiers for details. \n\n### Impact\n\nRemote attackers, by enticing a user to process a specially crafted file, could obtain sensitive information, cause a Denial of Service condition, or have other unspecified impacts. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll ImageMagick users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-gfx/imagemagick-6.9.9.20\"", "edition": 1, "modified": "2017-11-11T00:00:00", "published": "2017-11-11T00:00:00", "href": "https://security.gentoo.org/glsa/201711-07", "id": "GLSA-201711-07", "title": "ImageMagick: Multiple vulnerabilities", "type": "gentoo", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2020-07-02T11:40:41", "bulletinFamily": "unix", "cvelist": ["CVE-2017-13142", "CVE-2017-17680", "CVE-2017-17884", "CVE-2017-11533", "CVE-2017-14343", "CVE-2017-14531", "CVE-2017-15277", "CVE-2017-14175", "CVE-2017-12418", "CVE-2017-14060", "CVE-2017-11639", "CVE-2017-14224", "CVE-2017-14684", "CVE-2018-11251", "CVE-2017-13060", "CVE-2017-17887", "CVE-2017-12674", "CVE-2017-13144", "CVE-2017-17882", "CVE-2017-14325", "CVE-2017-1000445", "CVE-2018-11655", "CVE-2017-12640", "CVE-2017-13758", "CVE-2017-1000476", "CVE-2017-13143", "CVE-2017-14626", "CVE-2017-14624", "CVE-2017-12587", "CVE-2017-11537", "CVE-2018-7443", "CVE-2017-18252", "CVE-2017-12691", "CVE-2017-12983", "CVE-2017-15015", "CVE-2018-9133", "CVE-2018-6405", "CVE-2017-12643", "CVE-2017-15032", "CVE-2017-12433", "CVE-2017-13139", "CVE-2017-12430", "CVE-2017-14532", "CVE-2018-5357", "CVE-2017-14533", "CVE-2017-18251", "CVE-2017-15033", "CVE-2017-14172", "CVE-2018-10177", "CVE-2018-5248", "CVE-2017-15218", "CVE-2017-12877", "CVE-2017-15017", "CVE-2018-11625", "CVE-2017-16546", "CVE-2017-17879", "CVE-2017-17682", "CVE-2017-18022", "CVE-2017-13768", "CVE-2017-14989", "CVE-2017-17681", "CVE-2018-10804", "CVE-2017-14326", "CVE-2017-12692", "CVE-2017-14625", "CVE-2017-17504", "CVE-2017-13131", "CVE-2018-5246", "CVE-2017-14173", "CVE-2017-13058", "CVE-2017-12644", "CVE-2017-18008", "CVE-2017-14607", "CVE-2017-17885", "CVE-2017-15217", "CVE-2017-13062", "CVE-2017-13061", "CVE-2017-14505", "CVE-2017-18029", "CVE-2017-14400", "CVE-2017-18271", "CVE-2018-10805", "CVE-2017-11352", "CVE-2017-14341", "CVE-2017-18028", "CVE-2017-12693", "CVE-2018-5247", "CVE-2017-12140", "CVE-2017-13059", "CVE-2017-12563", "CVE-2017-15281", "CVE-2018-11656", "CVE-2017-18273", "CVE-2017-10995", "CVE-2018-8804", "CVE-2017-12432", "CVE-2017-14682", "CVE-2017-13134", "CVE-2017-18027", "CVE-2017-13769", "CVE-2017-17934", "CVE-2017-18254", "CVE-2017-18209", "CVE-2017-17914", "CVE-2018-5358", "CVE-2017-12431", "CVE-2017-12670", "CVE-2017-17499", "CVE-2017-12875", "CVE-2018-8960", "CVE-2017-14741", "CVE-2017-15016", "CVE-2017-17881", "CVE-2017-18211", "CVE-2017-12435", "CVE-2017-14739", "CVE-2017-11640", "CVE-2017-14249", "CVE-2017-11535", "CVE-2017-14174", "CVE-2017-12429", "CVE-2017-14342", "CVE-2017-17886", "CVE-2017-13145"], "description": "It was discovered that ImageMagick incorrectly handled certain malformed \nimage files. If a user or automated system using ImageMagick were tricked \ninto opening a specially crafted image, an attacker could exploit this to \ncause a denial of service or possibly execute code with the privileges of \nthe user invoking the program.", "edition": 5, "modified": "2018-06-12T00:00:00", "published": "2018-06-12T00:00:00", "id": "USN-3681-1", "href": "https://ubuntu.com/security/notices/USN-3681-1", "title": "ImageMagick vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "cloudfoundry": [{"lastseen": "2019-05-29T18:32:43", "bulletinFamily": "software", "cvelist": ["CVE-2017-13142", "CVE-2017-17680", "CVE-2017-17884", "CVE-2017-11533", "CVE-2017-14343", "CVE-2017-14531", "CVE-2017-15277", "CVE-2017-14175", "CVE-2017-12418", "CVE-2017-14060", "CVE-2017-11639", "CVE-2017-14224", "CVE-2017-14684", "CVE-2018-11251", "CVE-2017-13060", "CVE-2017-17887", "CVE-2017-12674", "CVE-2017-13144", "CVE-2017-17882", "CVE-2017-14325", "CVE-2017-1000445", "CVE-2018-11655", "CVE-2017-12640", "CVE-2017-13758", "CVE-2017-1000476", "CVE-2017-13143", "CVE-2017-14626", "CVE-2017-14624", "CVE-2017-12587", "CVE-2017-11537", "CVE-2018-7443", "CVE-2017-18252", "CVE-2017-12691", "CVE-2017-12983", "CVE-2017-15015", "CVE-2018-9133", "CVE-2018-6405", "CVE-2017-12643", "CVE-2017-15032", "CVE-2017-12433", "CVE-2017-13139", "CVE-2017-12430", "CVE-2017-14532", "CVE-2018-5357", "CVE-2017-14533", "CVE-2017-18251", "CVE-2017-15033", "CVE-2017-14172", "CVE-2018-10177", "CVE-2018-5248", "CVE-2017-15218", "CVE-2017-12877", "CVE-2017-15017", "CVE-2018-11625", "CVE-2017-16546", "CVE-2017-17879", "CVE-2017-17682", "CVE-2017-18022", "CVE-2017-13768", "CVE-2017-14989", "CVE-2017-17681", "CVE-2018-10804", "CVE-2017-14326", "CVE-2017-12692", "CVE-2017-14625", "CVE-2017-17504", "CVE-2017-13131", "CVE-2018-5246", "CVE-2017-14173", "CVE-2017-13058", "CVE-2017-12644", "CVE-2017-18008", "CVE-2017-14607", "CVE-2017-17885", "CVE-2017-15217", "CVE-2017-13062", "CVE-2017-13061", "CVE-2017-14505", "CVE-2017-18029", "CVE-2017-14400", "CVE-2017-18271", "CVE-2018-10805", "CVE-2017-11352", "CVE-2017-14341", "CVE-2017-18028", "CVE-2017-12693", "CVE-2018-5247", "CVE-2017-12140", "CVE-2017-13059", "CVE-2017-12563", "CVE-2017-15281", "CVE-2018-11656", "CVE-2017-18273", "CVE-2017-10995", "CVE-2018-8804", "CVE-2017-12432", "CVE-2017-14682", "CVE-2017-13134", "CVE-2017-18027", "CVE-2017-13769", "CVE-2017-17934", "CVE-2017-18254", "CVE-2017-18209", "CVE-2017-17914", "CVE-2018-5358", "CVE-2017-12431", "CVE-2017-12670", "CVE-2017-17499", "CVE-2017-12875", "CVE-2018-8960", "CVE-2017-14741", "CVE-2017-15016", "CVE-2017-17881", "CVE-2017-18211", "CVE-2017-12435", "CVE-2017-14739", "CVE-2017-11640", "CVE-2017-14249", "CVE-2017-11535", "CVE-2017-14174", "CVE-2017-12429", "CVE-2017-14342", "CVE-2017-17886", "CVE-2017-13145"], "description": "# \n\n# Severity\n\nMedium\n\n# Vendor\n\nCanonical Ubuntu\n\n# Versions Affected\n\n * Canonical Ubuntu 14.04\n\n# Description\n\nIt was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.\n\n# Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * All versions of Cloud Foundry cflinuxfs2 prior to 1.216.0\n\n# Mitigation\n\nOSS users are strongly encouraged to follow one of the mitigations below:\n\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 version 1.216.0 or later.\n\n# References\n\n * [USN-3681-1](<https://usn.ubuntu.com/3681-1/>)\n * [CVE-2017-1000445](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-1000445>)\n * [CVE-2017-1000476](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-1000476>)\n * [CVE-2017-10995](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-10995>)\n * [CVE-2017-11352](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-11352>)\n * [CVE-2017-11533](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-11533>)\n * [CVE-2017-11535](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-11535>)\n * [CVE-2017-11537](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-11537>)\n * [CVE-2017-11639](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-11639>)\n * [CVE-2017-11640](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-11640>)\n * [CVE-2017-12140](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12140>)\n * [CVE-2017-12418](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12418>)\n * [CVE-2017-12429](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12429>)\n * [CVE-2017-12430](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12430>)\n * [CVE-2017-12431](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12431>)\n * [CVE-2017-12432](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12432>)\n * [CVE-2017-12433](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12433>)\n * [CVE-2017-12435](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12435>)\n * [CVE-2017-12563](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12563>)\n * [CVE-2017-12587](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12587>)\n * [CVE-2017-12640](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12640>)\n * [CVE-2017-12643](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12643>)\n * [CVE-2017-12644](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12644>)\n * [CVE-2017-12670](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12670>)\n * [CVE-2017-12674](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12674>)\n * [CVE-2017-12691](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12691>)\n * [CVE-2017-12692](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12692>)\n * [CVE-2017-12693](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12693>)\n * [CVE-2017-12875](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12875>)\n * [CVE-2017-12877](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12877>)\n * [CVE-2017-12983](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12983>)\n * [CVE-2017-13058](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-13058>)\n * [CVE-2017-13059](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-13059>)\n * [CVE-2017-13060](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-13060>)\n * [CVE-2017-13061](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-13061>)\n * [CVE-2017-13062](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-13062>)\n * [CVE-2017-13131](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-13131>)\n * [CVE-2017-13134](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-13134>)\n * [CVE-2017-13139](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-13139>)\n * [CVE-2017-13142](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-13142>)\n * [CVE-2017-13143](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-13143>)\n * [CVE-2017-13144](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-13144>)\n * [CVE-2017-13145](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-13145>)\n * [CVE-2017-13758](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-13758>)\n * [CVE-2017-13768](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-13768>)\n * [CVE-2017-13769](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-13769>)\n * [CVE-2017-14060](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14060>)\n * [CVE-2017-14172](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14172>)\n * [CVE-2017-14173](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14173>)\n * [CVE-2017-14174](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14174>)\n * [CVE-2017-14175](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14175>)\n * [CVE-2017-14224](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14224>)\n * [CVE-2017-14249](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14249>)\n * [CVE-2017-14325](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14325>)\n * [CVE-2017-14326](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14326>)\n * [CVE-2017-14341](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14341>)\n * [CVE-2017-14342](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14342>)\n * [CVE-2017-14343](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14343>)\n * [CVE-2017-14400](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14400>)\n * [CVE-2017-14505](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14505>)\n * [CVE-2017-14531](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14531>)\n * [CVE-2017-14532](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14532>)\n * [CVE-2017-14533](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14533>)\n * [CVE-2017-14607](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14607>)\n * [CVE-2017-14624](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14624>)\n * [CVE-2017-14625](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14625>)\n * [CVE-2017-14626](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14626>)\n * [CVE-2017-14682](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14682>)\n * [CVE-2017-14684](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14684>)\n * [CVE-2017-14739](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14739>)\n * [CVE-2017-14741](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14741>)\n * [CVE-2017-14989](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14989>)\n * [CVE-2017-15015](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15015>)\n * [CVE-2017-15016](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15016>)\n * [CVE-2017-15017](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15017>)\n * [CVE-2017-15032](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15032>)\n * [CVE-2017-15033](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15033>)\n * [CVE-2017-15217](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15217>)\n * [CVE-2017-15218](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15218>)\n * [CVE-2017-15277](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15277>)\n * [CVE-2017-15281](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15281>)\n * [CVE-2017-16546](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16546>)\n * [CVE-2017-17499](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17499>)\n * [CVE-2017-17504](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17504>)\n * [CVE-2017-17680](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17680>)\n * [CVE-2017-17681](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17681>)\n * [CVE-2017-17682](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17682>)\n * [CVE-2017-17879](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17879>)\n * [CVE-2017-17881](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17881>)\n * [CVE-2017-17882](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17882>)\n * [CVE-2017-17884](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17884>)\n * [CVE-2017-17885](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17885>)\n * [CVE-2017-17886](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17886>)\n * [CVE-2017-17887](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17887>)\n * [CVE-2017-17914](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17914>)\n * [CVE-2017-17934](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17934>)\n * [CVE-2017-18008](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-18008>)\n * [CVE-2017-18022](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-18022>)\n * [CVE-2017-18027](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-18027>)\n * [CVE-2017-18028](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-18028>)\n * [CVE-2017-18029](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-18029>)\n * [CVE-2017-18209](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-18209>)\n * [CVE-2017-18211](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-18211>)\n * [CVE-2017-18251](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-18251>)\n * [CVE-2017-18252](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-18252>)\n * [CVE-2017-18254](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-18254>)\n * [CVE-2017-18271](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-18271>)\n * [CVE-2017-18273](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-18273>)\n * [CVE-2018-10177](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-10177>)\n * [CVE-2018-10804](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-10804>)\n * [CVE-2018-10805](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-10805>)\n * [CVE-2018-11251](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-11251>)\n * [CVE-2018-11625](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-11625>)\n * [CVE-2018-11655](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-11655>)\n * [CVE-2018-11656](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-11656>)\n * [CVE-2018-5246](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-5246>)\n * [CVE-2018-5247](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-5247>)\n * [CVE-2018-5248](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-5248>)\n * [CVE-2018-5357](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-5357>)\n * [CVE-2018-5358](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-5358>)\n * [CVE-2018-6405](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-6405>)\n * [CVE-2018-7443](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-7443>)\n * [CVE-2018-8804](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-8804>)\n * [CVE-2018-8960](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-8960>)\n * [CVE-2018-9133](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-9133>)\n", "edition": 5, "modified": "2018-06-14T00:00:00", "published": "2018-06-14T00:00:00", "id": "CFOUNDRY:C94493DDE348FDF28E8866771E34ED7C", "href": "https://www.cloudfoundry.org/blog/usn-3681-1/", "title": "USN-3681-1: ImageMagick vulnerabilities | Cloud Foundry", "type": "cloudfoundry", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}]}
