Lucene search

K
cveMitreCVE-2019-13135
HistoryJul 01, 2019 - 8:15 p.m.

CVE-2019-13135

2019-07-0120:15:11
CWE-908
mitre
web.nvd.nist.gov
244
4
imagemagick
cve-2019-13135
vulnerability
readcutimage
coders
cut.c
nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.4

Confidence

High

EPSS

0.008

Percentile

82.2%

ImageMagick before 7.0.8-50 has a β€œuse of uninitialized value” vulnerability in the function ReadCUTImage in coders/cut.c.

Affected configurations

Nvd
Node
imagemagickimagemagickRange<6.9.10-50
OR
imagemagickimagemagickRange7.0.0-0–7.0.8-50
Node
debiandebian_linuxMatch8.0
OR
debiandebian_linuxMatch9.0
OR
debiandebian_linuxMatch10.0
Node
canonicalubuntu_linuxMatch16.04lts
OR
canonicalubuntu_linuxMatch18.04lts
OR
canonicalubuntu_linuxMatch19.04
OR
canonicalubuntu_linuxMatch19.10
Node
f5big-ip_application_acceleration_managerRange11.5.2–11.6.5.2
OR
f5big-ip_application_acceleration_managerRange12.1.0–12.1.5.2
OR
f5big-ip_application_acceleration_managerRange13.1.0–13.1.3.4
OR
f5big-ip_application_acceleration_managerRange14.0.0–14.1.2.5
OR
f5big-ip_application_acceleration_managerRange15.0.0–15.0.1.3
OR
f5big-ip_application_acceleration_managerRange15.1.0–15.1.0.2
OR
f5big-ip_webacceleratorRange11.5.2–11.6.5.2
OR
f5big-ip_webacceleratorRange12.1.0–12.1.5.2
OR
f5big-ip_webacceleratorRange13.1.0–13.1.3.4
OR
f5big-ip_webacceleratorRange14.0.0–14.1.2.5
OR
f5big-ip_webacceleratorRange15.0.0–15.0.1.3
OR
f5big-ip_webacceleratorRange15.1.0–15.1.0.2
VendorProductVersionCPE
imagemagickimagemagick*cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*
debiandebian_linux8.0cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
debiandebian_linux9.0cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
debiandebian_linux10.0cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
canonicalubuntu_linux16.04cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
canonicalubuntu_linux18.04cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
canonicalubuntu_linux19.04cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
canonicalubuntu_linux19.10cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
f5big-ip_application_acceleration_manager*cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
f5big-ip_webaccelerator*cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*

Social References

More

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.4

Confidence

High

EPSS

0.008

Percentile

82.2%