Lucene search

K

MitreCVELIST:CVE-2019-11470

HistoryApr 23, 2019 - 1:54 p.m.

CVE-2019-11470

2019-04-2313:54:54

mitre

www.cve.org

1

7.6 High

AI Score

Confidence

High

0.02 Low

EPSS

Percentile

89.0%

The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file.

References

lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html

lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html

github.com/ImageMagick/ImageMagick/commit/e3cdce6fe12193f235b8c0ae5efe6880a25eb957

github.com/ImageMagick/ImageMagick/issues/1472

lists.debian.org/debian-lts-announce/2019/10/msg00028.html

lists.debian.org/debian-lts-announce/2020/08/msg00030.html

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/

usn.ubuntu.com/4034-1/

www.debian.org/security/2020/dsa-4712

7.6 High

AI Score

Confidence

High

0.02 Low

EPSS

Percentile

89.0%

Related for CVELIST:CVE-2019-11470

veracode1 nvd1 ubuntucve1 prion1 redhatcve1 osv4 cve1 debiancve1 debian3 openvas11 nessus35 suse2 freebsd1 ibm2 fedora2 cloudfoundry1 ubuntu1 amazon10 oraclelinux1 centos1 redhat1